[Secure-testing-team] "FIXES:" and "FIXED-BY:" directives

Florian Weimer fw at deneb.enyo.de
Wed Sep 21 19:20:58 UTC 2005

I've added new FIXES: and FIXED-BY: directives to the Python code (but
not to the list files, of course -- this is up to you).

This allows you to write:

[September 15th, 2005] DTSA-17-1 lm-sensors - insecure temporary file
	FIXES: DSA-814-1
	- lm-sensors 1:2.9.1-6etch1

in DTSA/list, and

[15 Sep 2005] DSA-814-1 lm-sensors - insecure temporary file
	FIXES: CAN-2005-2672
	[sarge] - lm-sensors 1:2.9.1-1sarge2
	[woody] - lm-sensors not-affected (woody not affected according to DSA)

in DSA/list.  CAN/list just contains:

CAN-2005-2672 (pwmconfig in LM_sensors before 2.9.1 creates temporary files ...)
	- lm-sensors 1:2.9.1-7 (bug #324193; medium)

You can see the result on the web at:


(See the "Origin" column in the table at the bottom.)

What do you think?  Is this feature useful?  It helps to avoid data

("FIXED-BY:" is needed because you cannot reference the FAKE-* entries
in the other direction; they haven't got a real name.)

If you fear that this makes the list files less readable, here's an
Emacs macro that opens a browser window for the issue at the cursor

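(defvar idssi-url-base "http://idssi.enyo.de/tracker/"
  "Base URL for the IDSSI security tracker.")

(defun fw/open-debian-bug ()
  "Open the tracker page for the issue, package or bug at point."
  (interactive)
  (save-excursion
    ;; Move back to the start of the token under the cursor.  The body of
    ;; this form is missing from the archived copy; skip-chars-backward
    ;; is an assumption.
    (condition-case ()
        (if (looking-at "[a-zA-Z0-9.+-]")
            (skip-chars-backward "a-zA-Z0-9.+-"))
      (error nil))
    (cond
     ;; CAN/CVE reference (this pattern is an assumption; the archived
     ;; copy lost the original)
     ((looking-at "\\(CAN\\|CVE\\)-[0-9]+-[0-9]+")
      (browse-url (concat idssi-url-base
                          (buffer-substring (match-beginning 0)
                                            (match-end 0)))))
     ;; package name
     ((looking-at "[a-z][a-z0-9.+-]+")
      (browse-url (concat idssi-url-base
                          (buffer-substring (match-beginning 0)
                                            (match-end 0)))))
     ;; bug number, "_REDIR" means "redirect to Debian BTS if unavailable"
     ((looking-at "[0-9]+")
      (browse-url (concat idssi-url-base
                          (buffer-substring (match-beginning 0)
                                            (match-end 0))
                          "_REDIR"))))))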

I'm sure something similar could be created for VIM. 8-)
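
Added example (not part of the original message and not the tracker's own Python code): a small parser for the list-file excerpts quoted above that turns FIXES: and FIXED-BY: into "advisory fixes entry" edges and follows them to find every advisory behind an issue. The function names, the transitive treatment of FIXES:, and the FAKE-0000000-000001 entry are assumptions made for this sketch.

```python
import re
from collections import defaultdict

# Entries copied from the message, plus one constructed FAKE-* entry for FIXED-BY:.
SAMPLE = """\
[September 15th, 2005] DTSA-17-1 lm-sensors - insecure temporary file
\tFIXES: DSA-814-1
\t- lm-sensors 1:2.9.1-6etch1
[15 Sep 2005] DSA-814-1 lm-sensors - insecure temporary file
\tFIXES: CAN-2005-2672
\t[sarge] - lm-sensors 1:2.9.1-1sarge2
\t[woody] - lm-sensors not-affected (woody not affected according to DSA)
CAN-2005-2672 (pwmconfig in LM_sensors before 2.9.1 creates temporary files ...)
\t- lm-sensors 1:2.9.1-7 (bug #324193; medium)
FAKE-0000000-000001 (constructed placeholder entry)
\tFIXED-BY: DSA-814-1
"""

HEADER = re.compile(r"(?:\[[^\]]*\]\s+)?([A-Z]+-[A-Za-z0-9]+(?:-[A-Za-z0-9]+)*)")
DIRECTIVE = re.compile(r"\s+(FIXES|FIXED-BY):\s*(\S+)\s*$")

def parse_fix_edges(text):
    """Map each advisory name to the set of entries it is declared to fix."""
    fixes, current = defaultdict(set), None
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        if not line[0].isspace():            # unindented line starts an entry
            m = HEADER.match(line)
            if m is None:
                raise ValueError(f"line {lineno}: unrecognised entry header")
            current = m.group(1)
        elif (m := DIRECTIVE.match(line)):   # other indented lines carry no edge
            if current is None:
                raise ValueError(f"line {lineno}: directive outside an entry")
            # FIXED-BY: is the same edge as FIXES:, written from the other end.
            fixer, fixed = (current, m[2]) if m[1] == "FIXES" else (m[2], current)
            fixes[fixer].add(fixed)
    return dict(fixes)

def origins(fixes, issue):
    """Advisories that fix `issue` directly or through another advisory."""
    found, todo = set(), [issue]
    while todo:
        node = todo.pop()
        for fixer, fixed in fixes.items():
            if node in fixed and fixer not in found:   # `found` also stops cycles
                found.add(fixer)
                todo.append(fixer)
    return found
```

Calling `origins(parse_fix_edges(SAMPLE), "CAN-2005-2672")` yields both DSA-814-1 and DTSA-17-1, although neither name appears in the CAN entry itself.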
