diff options
author | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2024-02-13 10:14:38 +0100 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2024-02-13 10:14:38 +0100 |
commit | 76b07a5b607a7a5c7e44630660d9cdf16c5c2fd6 (patch) | |
tree | 2fa505e28d0a6d4eed76fc92100a03a6307d380e | |
parent | fdd137f8b3924679df6bb4e361ba228b9fe7d12b (diff) | |
download | vulns-76b07a5b607a7a5c7e44630660d9cdf16c5c2fd6.tar.gz |
bippy: support tags better
And add some more info in the mbox output
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-rwxr-xr-x | scripts/bippy | 55 | ||||
-rw-r--r-- | scripts/tags | 351 |
2 files changed, 383 insertions, 23 deletions
diff --git a/scripts/bippy b/scripts/bippy index e2c21c5a..051f05fb 100755 --- a/scripts/bippy +++ b/scripts/bippy @@ -500,7 +500,7 @@ done # Generate the "vulnerable" kernel json and mbox information vuln_array_json="" vuln_array_mbox=() -for entry in ${fixed_pairs[@]}; do +for entry in "${fixed_pairs[@]}"; do x=(${entry//:/ }) vuln=${x[0]} fix=${x[1]} @@ -522,27 +522,27 @@ for entry in ${fixed_pairs[@]}; do fi done dbg "vuln_array_json=${vuln_array_json}" -dbg "vuln_array_mbox=${vuln_array_mbox[@]}" - -# Strip off the signed-off-by stuff out of the commit text. -# Yes, this should be a better regex, and yes, it's going to get long, -# lots of people put lots of crud in changelog text, so use a case -# insensitive line deletion "/pattern/Id" and sed -# There has to be a better way than just calling sed a bunch, right? -commit_text=$(echo "${commit_text}" | sed -e '/^acked-by:/Id') -commit_text=$(echo "${commit_text}" | sed -e '/^cc:/Id;/^signed-off-by:/Id') # multiple on one call... -#commit_text=$(echo "${commit_text}" | sed -e '/^signed-off-by:/Id') -commit_text=$(echo "${commit_text}" | sed -e '/^closes:/Id') -commit_text=$(echo "${commit_text}" | sed -e '/^co-developed-by:/Id') -commit_text=$(echo "${commit_text}" | sed -e '/^fixes:/Id') -commit_text=$(echo "${commit_text}" | sed -e '/^from:/Id') -commit_text=$(echo "${commit_text}" | sed -e '/^link:/Id') -commit_text=$(echo "${commit_text}" | sed -e '/^message-id:/Id') -commit_text=$(echo "${commit_text}" | sed -e '/^reported-and-tested-by:/Id') -commit_text=$(echo "${commit_text}" | sed -e '/^reported-by:/Id') -commit_text=$(echo "${commit_text}" | sed -e '/^reviewed-by:/Id') -commit_text=$(echo "${commit_text}" | sed -e '/^suggested-by:/Id') -commit_text=$(echo "${commit_text}" | sed -e '/^tested-by:/Id') +for entry in "${vuln_array_mbox[@]}"; do + dbg "vuln_array_mbox=${entry}" +done + +# Strip off all of the signed-off-by stuff out of the commit text. +# We have a long list of "tags" to drop in the file, "tags", so compose +# the sed regex from the file and run the changelog through sed to strip +# things off. +# tags consist of one-line-per-tag, and we search the beginning of the +# line and a ':' character. This saves us from doing a whole bunch of: +# commit_text=$(echo "${commit_text}" | sed -e '/^cc:/Id;/^signed-off-by:/Id') +# calls. +sed_script="" +for tag in $(cat "${DIR}"/tags); do + sed_script+="/^${tag}:/Id;" +done +#dbg "sed_script=${sed_script}" +sed_file=$(mktemp "${TMPDIR}"/bippy.XXXX || exit 1) +echo "${sed_script}" > "${sed_file}" +commit_text=$(echo "${commit_text}" | sed -f "${sed_file}") +rm "${sed_file}" # We point only at the "root" fix, not in any of the stable branches. @@ -629,7 +629,7 @@ fi # end json creation if [[ "${MBOX_FILE}" != "" ]] ; then cat << EOF > "${MBOX_FILE}" From ${SCRIPT}-${SCRIPT_VERSION} Mon Sep 17 00:00:00 2001 -From: Greg KH <gregkh@linuxfoundation.org> +From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> To: <linux-cve-announce@vger.kernel.org> Reply-to: <cve@kernel.org> Subject: ${CVE_NUMBER}: ${subject} @@ -652,6 +652,15 @@ EOF cat << EOF >> "${MBOX_FILE}" +Please note that only supported kernel versions have fixes applied to +them. For a full list of currently supported kernel versions, please +see https://www.kernel.org/ + +Unaffected versions might change over time as fixes are backported to +older supported kernel versions. The official CVE entry at + https://cve.org/CVERecord/?id=${CVE_NUMBER} +will be updated if fixes are backported, please check that for the most +up to date information about this issue. Mitigation ========== diff --git a/scripts/tags b/scripts/tags new file mode 100644 index 00000000..3a70f86a --- /dev/null +++ b/scripts/tags @@ -0,0 +1,351 @@ +about-fscking-timed-by +accked-by +aced-by +ack +ack-by +ackde-by +acked +acked-and-reviewed +acked-and-reviewed-by +acked-and-tested-by +acked-b +acked-by +acked-by-stale-maintainer +acked-by-with-comments +acked-by-without-testing +acked-for-mfd-by +acked-for-now-by +acked-off-by +acked-the-net-bits-by +acked-the-tulip-bit-by +acked-with-apologies-by +acked_by +ackedby +ackeded-by +acknowledged-by +acted-by +actually-written-by +additional-author +all-the-fault-of +also-analyzed-by +also-fixed-by +also-posted-by +also-reported-and-tested-by +also-reported-by +also-spotted-by +also-suggested-by +also-written-by +analysed-by +analyzed-by +aoled-by +apology-from +appreciated-by +approved +approved-by +architected-by +assisted-by +badly-reviewed-by +based-in-part-on-patch-by +based-on +based-on-a-patch-by +based-on-code-by +based-on-code-from +based-on-comments-by +based-on-idea-by +based-on-original-patch-by +based-on-patch-by +based-on-patch-from +based-on-patches-by +based-on-similar-patches-by +based-on-suggestion-from +based-on-text-by +based-on-the-original-screenplay-by +based-on-the-true-story-by +based-on-work-by +based-on-work-from +belatedly-acked-by +bisected-and-acked-by +bisected-and-analyzed-by +bisected-and-reported-by +bisected-and-tested-by +bisected-by +bisected-reported-and-tested-by +bitten-by-and-tested-by +bitterly-acked-by +blame-taken-by +bonus-points-awarded-by +boot-tested-by +brainstormed-with +broken-by +bug-actually-spotted-by +bug-fixed-by +bug-found-by +bug-identified-by +bug-reported-by +bug-spotted-by +build-fixes-from +build-tested-by +build-testing-by +catched-by-and-rightfully-ranted-at-by +caught-by +cause-discovered-by +cautiously-acked-by +cc +celebrated-by +changelog-cribbed-from +changelog-heavily-inspired-by +chucked-on-by +cked-by +cleaned-up-by +cleanups-from +co-author +co-authored +co-authored-by +co-debugged-by +co-developed-by +co-developed-with +committed +committed-by +compile-tested-by +compiled-by +compiled-tested-by +complained-about-by +conceptually-acked-by +confirmed-by +confirms-rustys-story-ends-the-same-by +contributors +credit +credit-to +credits-by +csigned-off-by +cut-and-paste-bug-by +debuged-by +debugged-and-acked-by +debugged-and-analyzed-by +debugged-and-tested-by +debugged-by +deciphered-by +decoded-by +delightedly-acked-by +demanded-by +derived-from-code-by +designed-by +diagnoised-by +diagnosed-and-reported-by +diagnosed-by +discovered-and-analyzed-by +discovered-by +discussed-with +earlier-version-tested-by +embarrassingly-acked-by +emphatically-acked-by +encouraged-by +enthusiastically-acked-by +enthusiastically-supported-by +evaluated-by +eventually-typed-in-by +eviewed-by +explained-by +fairly-blamed-by +fine-by-me +finished-by +fix-creation-mandated-by +fix-proposed-by +fix-suggested-by +fixed-by +fixes +fixes-from +forwarded-by +found-by +found-ok-by +from +from +grudgingly-acked-by +grumpily-reviewed-by +guess-its-ok-by +hella-acked-by +helped-by +helped-out-by +hinted-by +historical-research-by +humbly-acked-by +i-dont-see-any-problems-with-it +idea-by +idea-from +identified-by +improved-by +improvements-by +includes-changes-by +initial-analysis-by +initial-author +initial-fix-by +initial-patch-by +initial-work-by +inspired-by +inspired-by-patch-from +intermittently-reported-by +investigated-by +lightly-tested-by +liked-by +link +list-usage-fixed-by +looked-over-by +looks-good-to +looks-great-to +looks-ok-by +looks-okay-to +looks-reasonable-to +makes-sense-to +makes-sparse-happy +maybe-reported-by +mentored-by +modified-and-reviewed-by +modified-by +more-or-less-tested-by +most-definitely-acked-by +mostly-acked-by +much-requested-by +nacked-by +naked-by +narrowed-down-by +niced-by +no-objection-from-me-by +no-problems-with +not-nacked-by +noted-by +noticed-and-acked-by +noticed-by +okay-ished-by +oked-to-go-through-tracing-tree-by +once-upon-a-time-reviewed-by +original-author +original-by +original-from +original-idea-and-signed-off-by +original-idea-by +original-patch-acked-by +original-patch-by +original-signed-off-by +original-version-by +originalauthor +originally-by +originally-from +originally-suggested-by +originally-written-by +origionally-authored-by +origionally-signed-off-by +partially-reviewed-by +partially-tested-by +partly-suggested-by +patch-by +patch-fixed-up-by +patch-from +patch-inspired-by +patch-originally-by +patch-updated-by +patiently-pointed-out-by +pattern-pointed-out-by +performance-tested-by +pinpointed-by +pointed-at-by +pointed-out-and-tested-by +proposed-by +pushed-by +ranted-by +re-reported-by +reasoning-sounds-sane-to +recalls-having-tested-once-upon-a-time-by +received-from +recommended-by +reivewed-by +reluctantly-acked-by +repored-and-bisected-by +reporetd-by +reporeted-and-tested-by +report-by +reportded-by +reported +reported--and-debugged-by +reported-acked-and-tested-by +reported-analyzed-and-tested-by +reported-and-acked-by +reported-and-bisected-and-tested-by +reported-and-bisected-by +reported-and-reviewed-and-tested-by +reported-and-root-caused-by +reported-and-suggested-by +reported-and-test-by +reported-and-tested-by +reported-any-tested-by +reported-bisected-and-tested-by +reported-bisected-and-tested-by-the-invaluable +reported-bisected-tested-by +reported-bistected-and-tested-by +reported-by +reported-by-and-tested-by +reported-by-tested-by +reported-by-with-patch +reported-debuged-tested-acked-by +reported-off-by +reported-requested-and-tested-by +reported-reviewed-and-acked-by +reported-tested-and-acked-by +reported-tested-and-bisected-by +reported-tested-and-fixed-by +reported-tested-by +reported_by +reportedy-and-tested-by +reproduced-by +requested-and-acked-by +requested-and-tested-by +requested-by +researched-with +reveiewed-by +review-by +reviewd-by +reviewed +reviewed-and-tested-by +reviewed-and-wanted-by +reviewed-by +reviewed-off-by +reviewed–by +reviewer +reviewws-by +root-cause-analysis-by +root-cause-found-by +seconded-by +seems-ok +seems-reasonable-to +sefltests-acked-by +sent-by +serial-parts-acked-by +siged-off-by +sighed-off-by +signed +signed-by +signed-off +signed-off-by +singend-off-by +slightly-grumpily-acked-by +smoke-tested-by +some-suggestions-by +spotted-by +submitted-by +suggested-and-acked-by +suggested-and-reviewed-by +suggested-and-tested-by +suggested-by +tested +tested-and-acked-by +tested-and-bugfixed-by +tested-and-reported-by +tested-by +tested-off +thanks-to +to +tracked-by +tracked-down-by +was-acked-by +weak-reviewed-by +workflow-found-ok-by +written-by |