I have noticed that the CVE ID were truncated, importing them from the
Hi, I was a little confused because, while diving in the archives for how to fix errata-import.py failing to import Ubuntu Errata, I came across Philippe Bidault's August 7 e-mail where he said: philicious script
(https://github.com/philicious/spacewalk-scripts/blob/master/errata-impor t.py)
Truncated because of the regexp limitation "CVE = "(?P<cve>CVE-\d{4}-\d{4})".
I have modified it to accept 5 digits ( CVE = "(?P<cve>CVE-\d{4}-\d{5} ), but to be able to import them again, I would need to remove all the erratas from the Ubuntu repositories.
but I couldn't actually find that regexp in the errata-import.py script, so I'm not quite sure how to apply that fix. However I did see another reference to PR23 for errata-import.pl and used that info to create --- errata-import.py.old 2020-10-31 00:36:47.471814842 -0700 +++ errata-import.py 2020-10-31 01:01:28.297772339 -0700 @@ -3,6 +3,7 @@ # Pedro Andujar || twitter: pandujar || email: @segfault.es || @digitalsec.net # # Changelog: +# 2020-10-31 - Allow to work also with API 24 on Uyuni 2020.06 and later # 2017-11-06 - Set UTF-8 caracter encoding to import errata from Spacewalk correctly # 2015-08-25 - Fix to support python2.6. Added reattempts # 2015-06-19 - Limit description 4000 chars @@ -35,6 +36,7 @@ client = '' publish = True attempts = 0 +apiversion = 0 #xmlrpc connect to server and retrieve key def connect(url, login, passwd): @@ -43,6 +45,8 @@ client = xmlrpclib.Server(url, verbose=0) key = client.auth.login(login, passwd) print "[+] Connected to %s" % url + apiversion = int(client.api.get_version()) + print "[+] with API version %d" % apiversion except Exception, e: print "[-] Error connecting to %s: %s" % (url, e) sys.exit(1) @@ -104,7 +108,10 @@ def createErratum(key, erratum, issue_date, erratainfo, keywords, packageids, cves, publish, channels): try: print "[+] Creating errata %s:" % erratum - print client.errata.create(key, erratainfo, bug, keywords, [], publish, list(set(channels))) + if apiversion < 24: + print client.errata.create(key, erratainfo, bug, keywords, [], publish, list(set(channels))) + else: + print client.errata.create(key, erratainfo, bug, keywords, [], list(set(channels))) #Include aditional info using setDetails method (not supported by create method) #http://www.spacewalkproject.org/documentation/api/2.3/handlers/ErrataHand ler.html#setDetails client.errata.setDetails(key, erratum, {'update_date': issue_date}) That patch updates errata-import.py (which I have used for parsing and submitting Ubuntu errata/patches into Spacewalk) to work with Uyuni. If someone wants to submit it to philicious as a PR, feel free to do so. Cheers, Paul-Andre Panon, B.Sc. Senior Systems Administrator Video Security & Analytics -- *For more information on how and why we collect your personal information, please visit our Privacy Policy <https://www.motorolasolutions.com/en_us/about/privacy-policy.html?elqTrackId=8980d888905940e39a2613a7a3dcb0a7&elqaid=2786&elqat=2#privacystatement>.* -- To unsubscribe, e-mail: uyuni-users+unsubscribe@opensuse.org To contact the owner, e-mail: uyuni-users+owner@opensuse.org
To answer my own question, the file Philippe Bidault changed is not errata-import.py, but parseUbuntu.py. Now I've got to clear all the Ubuntu errata too. :-) -----Original Message----- From: Paul-Andre Panon <paul-andre.panon@avigilon.com> Sent: Saturday, October 31, 2020 1:06 AM To: 'Uyunii list' <uyuni-users@opensuse.org> Subject: errata-import.py Hi, I was a little confused because, while diving in the archives for how to fix errata-import.py failing to import Ubuntu Errata, I came across Philippe Bidault's August 7 e-mail where he said:
I have noticed that the CVE ID were truncated, importing them from the philicious script (https://github.com/philicious/spacewalk-scripts/blob/master/errata-imp ort.py)
Truncated because of the regexp limitation "CVE = "(?P<cve>CVE-\d{4}-\d{4})".
I have modified it to accept 5 digits ( CVE = "(?P<cve>CVE-\d{4}-\d{5} ), but to be able to import them again, I would need to remove all the erratas from the Ubuntu repositories.
but I couldn't actually find that regexp in the errata-import.py script, so I'm not quite sure how to apply that fix. However I did see another reference to PR23 for errata-import.pl and used that info to create --- errata-import.py.old 2020-10-31 00:36:47.471814842 -0700 +++ errata-import.py 2020-10-31 01:01:28.297772339 -0700 @@ -3,6 +3,7 @@ # Pedro Andujar || twitter: pandujar || email: @segfault.es || @digitalsec.net # # Changelog: +# 2020-10-31 - Allow to work also with API 24 on Uyuni 2020.06 and +later # 2017-11-06 - Set UTF-8 caracter encoding to import errata from Spacewalk correctly # 2015-08-25 - Fix to support python2.6. Added reattempts # 2015-06-19 - Limit description 4000 chars @@ -35,6 +36,7 @@ client = '' publish = True attempts = 0 +apiversion = 0 #xmlrpc connect to server and retrieve key def connect(url, login, passwd): @@ -43,6 +45,8 @@ client = xmlrpclib.Server(url, verbose=0) key = client.auth.login(login, passwd) print "[+] Connected to %s" % url + apiversion = int(client.api.get_version()) + print "[+] with API version %d" % apiversion except Exception, e: print "[-] Error connecting to %s: %s" % (url, e) sys.exit(1) @@ -104,7 +108,10 @@ def createErratum(key, erratum, issue_date, erratainfo, keywords, packageids, cves, publish, channels): try: print "[+] Creating errata %s:" % erratum - print client.errata.create(key, erratainfo, bug, keywords, [], publish, list(set(channels))) + if apiversion < 24: + print client.errata.create(key, erratainfo, bug, keywords, [], publish, list(set(channels))) + else: + print client.errata.create(key, erratainfo, bug, keywords, [], + list(set(channels))) #Include aditional info using setDetails method (not supported by create method) #http://www.spacewalkproject.org/documentation/api/2.3/handlers/ErrataHand ler.html#setDetails client.errata.setDetails(key, erratum, {'update_date': issue_date}) That patch updates errata-import.py (which I have used for parsing and submitting Ubuntu errata/patches into Spacewalk) to work with Uyuni. If someone wants to submit it to philicious as a PR, feel free to do so. Cheers, Paul-Andre Panon, B.Sc. Senior Systems Administrator Video Security & Analytics -- *For more information on how and why we collect your personal information, please visit our Privacy Policy <https://www.motorolasolutions.com/en_us/about/privacy-policy.html?elqTrackId=8980d888905940e39a2613a7a3dcb0a7&elqaid=2786&elqat=2#privacystatement>.* -- To unsubscribe, e-mail: uyuni-users+unsubscribe@opensuse.org To contact the owner, e-mail: uyuni-users+owner@opensuse.org
My apologies, somehow it worked for me the first time but broke afterwards. The diff should look like --- errata-import.py.old 2020-10-31 00:36:47.471814842 -0700 +++ errata-import.py 2020-11-02 14:28:22.599302608 -0800 @@ -3,6 +3,7 @@ # Pedro Andujar || twitter: pandujar || email: @segfault.es || @digitalsec.net # # Changelog: +# 2020-10-31 - Allow to also work with API 24 on Uyuni 2020.06 and later # 2017-11-06 - Set UTF-8 caracter encoding to import errata from Spacewalk correctly # 2015-08-25 - Fix to support python2.6. Added reattempts # 2015-06-19 - Limit description 4000 chars @@ -35,14 +36,17 @@ client = '' publish = True attempts = 0 +apiversion = 0 #xmlrpc connect to server and retrieve key def connect(url, login, passwd): try: - global client, key + global client, key, apiversion client = xmlrpclib.Server(url, verbose=0) key = client.auth.login(login, passwd) print "[+] Connected to %s" % url + apiversion = int(client.api.get_version()) + print "[+] with API version %d" % apiversion except Exception, e: print "[-] Error connecting to %s: %s" % (url, e) sys.exit(1) @@ -102,9 +106,13 @@ #Create and publish errata def createErratum(key, erratum, issue_date, erratainfo, keywords, packageids, cves, publish, channels): + global apiversion try: print "[+] Creating errata %s:" % erratum - print client.errata.create(key, erratainfo, bug, keywords, [], publish, list(set(channels))) + if apiversion < 24: + print client.errata.create(key, erratainfo, bug, keywords, [], publish, list(set(channels))) + else: + print client.errata.create(key, erratainfo, bug, keywords, [], list(set(channels))) #Include aditional info using setDetails method (not supported by create method) #http://www.spacewalkproject.org/documentation/api/2.3/handlers/ErrataHand ler.html#setDetails client.errata.setDetails(key, erratum, {'update_date': issue_date}) -----Original Message----- From: Paul-Andre Panon <paul-andre.panon@avigilon.com> Sent: Saturday, October 31, 2020 1:06 AM To: 'Uyunii list' <uyuni-users@opensuse.org> Subject: errata-import.py Hi, I was a little confused because, while diving in the archives for how to fix errata-import.py failing to import Ubuntu Errata, I came across Philippe Bidault's August 7 e-mail where he said:
I have noticed that the CVE ID were truncated, importing them from the philicious script (https://github.com/philicious/spacewalk-scripts/blob/master/errata-imp ort.py)
Truncated because of the regexp limitation "CVE = "(?P<cve>CVE-\d{4}-\d{4})".
I have modified it to accept 5 digits ( CVE = "(?P<cve>CVE-\d{4}-\d{5} ), but to be able to import them again, I would need to remove all the erratas from the Ubuntu repositories.
but I couldn't actually find that regexp in the errata-import.py script, so I'm not quite sure how to apply that fix. However I did see another reference to PR23 for errata-import.pl and used that info to create --- errata-import.py.old 2020-10-31 00:36:47.471814842 -0700 +++ errata-import.py 2020-10-31 01:01:28.297772339 -0700 @@ -3,6 +3,7 @@ # Pedro Andujar || twitter: pandujar || email: @segfault.es || @digitalsec.net # # Changelog: +# 2020-10-31 - Allow to work also with API 24 on Uyuni 2020.06 and +later # 2017-11-06 - Set UTF-8 caracter encoding to import errata from Spacewalk correctly # 2015-08-25 - Fix to support python2.6. Added reattempts # 2015-06-19 - Limit description 4000 chars @@ -35,6 +36,7 @@ client = '' publish = True attempts = 0 +apiversion = 0 #xmlrpc connect to server and retrieve key def connect(url, login, passwd): @@ -43,6 +45,8 @@ client = xmlrpclib.Server(url, verbose=0) key = client.auth.login(login, passwd) print "[+] Connected to %s" % url + apiversion = int(client.api.get_version()) + print "[+] with API version %d" % apiversion except Exception, e: print "[-] Error connecting to %s: %s" % (url, e) sys.exit(1) @@ -104,7 +108,10 @@ def createErratum(key, erratum, issue_date, erratainfo, keywords, packageids, cves, publish, channels): try: print "[+] Creating errata %s:" % erratum - print client.errata.create(key, erratainfo, bug, keywords, [], publish, list(set(channels))) + if apiversion < 24: + print client.errata.create(key, erratainfo, bug, keywords, [], publish, list(set(channels))) + else: + print client.errata.create(key, erratainfo, bug, keywords, [], + list(set(channels))) #Include aditional info using setDetails method (not supported by create method) #http://www.spacewalkproject.org/documentation/api/2.3/handlers/ErrataHand ler.html#setDetails client.errata.setDetails(key, erratum, {'update_date': issue_date}) That patch updates errata-import.py (which I have used for parsing and submitting Ubuntu errata/patches into Spacewalk) to work with Uyuni. If someone wants to submit it to philicious as a PR, feel free to do so. Cheers, Paul-Andre Panon, B.Sc. Senior Systems Administrator Video Security & Analytics -- *For more information on how and why we collect your personal information, please visit our Privacy Policy <https://www.motorolasolutions.com/en_us/about/privacy-policy.html?elqTrackId=8980d888905940e39a2613a7a3dcb0a7&elqaid=2786&elqat=2#privacystatement>.* -- To unsubscribe, e-mail: uyuni-users+unsubscribe@opensuse.org To contact the owner, e-mail: uyuni-users+owner@opensuse.org
participants (1)
-
Paul-Andre Panon