CVE page #617

a-martynovich · 2020-01-13T15:44:21Z

Closes #543

New URLs: /cve, /devices/<pk>/cve

May need additional optimisation.

Select max vulnerability urgency and pub_date in CVEView.

…plate.

a-martynovich · 2020-01-14T06:28:54Z

Popovers are now implemented. They are toggled on click.

backend/device_registry/migrations/0079_auto_20200109_1137.py

backend/device_registry/models.py

backend/device_registry/views.py

Add comments to Device.cve_count. Add unique constraint to Vulnerability. Add default case for migration convert_urgencies(). PEP8 fixes.

a-martynovich · 2020-01-16T07:07:06Z

all fixed

rptrchv · 2020-01-16T14:30:43Z

backend/device_registry/celery_tasks/ubuntu_cve.py

@@ -5,6 +5,7 @@
 from itertools import chain
 import time

+import dateutil.parser


Pls put it to appropriate group of imports

rptrchv · 2020-01-16T14:36:16Z

backend/device_registry/models.py

@@ -806,6 +826,9 @@ class Meta:


 class Vulnerability(models.Model):
+    class Meta:
+        unique_together = ['os_release_codename', 'name', 'package']


Probably that's not ok because you need to have unique names for each os and having 'package' here will break this constraint logic.

No, for each OS there may be multiple vulnerabilities with the same name but different packages. It's when one CVE affects multiple packages.

a-martynovich added 14 commits January 14, 2020 11:32

Add empty CVEView and empty test.

ed93a7a

Meaningful tests, grouping, sorting.

d3b4393

Sort by CVE urgency. Split tests into smaller pieces.

2af3933

Convert Vulnerability.Urgency into integer, add pub_date.

25290cb

Select max vulnerability urgency and pub_date in CVEView.

CVEView: filter packages by device owner.

d3d2d7d

Add affected devices.

10090b4

Add AffectedPackage.device_urls and upgrade_command to be used in tem…

b0eae80

…plate.

Test that cve_date is returned.

9f5c4b9

CVE page template, filter by device.

f5c2573

Working CVE page template.

d171ce8

Move CVE table into a card container, template wording.

cc8479a

CVE count grouped by severity.

cc3a21c

Cont CVEs in simplier and more reliable way.

6dda2b9

Fix tests.

a4a6f8d

a-martynovich force-pushed the 543-cve-page branch from f892f4f to a4a6f8d Compare January 14, 2020 05:33

a-martynovich mentioned this pull request Jan 14, 2020

Register: New UI #618

Merged

Implement popovers.

c4fe7b3

rptrchv suggested changes Jan 15, 2020

View reviewed changes

a-martynovich added 2 commits January 16, 2020 12:27

Merge migrations into one.

9f15fc0

Add comments to Device.cve_count. Add unique constraint to Vulnerability. Add default case for migration convert_urgencies(). PEP8 fixes.

ubuntu_cve: parse pub_date.

c543d7b

a-martynovich requested a review from rptrchv January 16, 2020 07:07

rptrchv suggested changes Jan 16, 2020

View reviewed changes

Move import in celery_tasks.ubuntu_cve

b66031b

rptrchv approved these changes Jan 17, 2020

View reviewed changes

vpetersson merged commit 430d928 into WoTTsecurity:master Jan 17, 2020

a-martynovich mentioned this pull request Jan 17, 2020

CVE page: optimise, fix popovers #628

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CVE page #617

CVE page #617

a-martynovich commented Jan 13, 2020 •

edited

Loading

a-martynovich commented Jan 14, 2020

a-martynovich commented Jan 16, 2020

rptrchv Jan 16, 2020

rptrchv Jan 16, 2020

a-martynovich Jan 16, 2020 •

edited

Loading

rptrchv Jan 17, 2020

CVE page #617

CVE page #617

Conversation

a-martynovich commented Jan 13, 2020 • edited Loading

a-martynovich commented Jan 14, 2020

a-martynovich commented Jan 16, 2020

rptrchv Jan 16, 2020

Choose a reason for hiding this comment

rptrchv Jan 16, 2020

Choose a reason for hiding this comment

a-martynovich Jan 16, 2020 • edited Loading

Choose a reason for hiding this comment

rptrchv Jan 17, 2020

Choose a reason for hiding this comment

a-martynovich commented Jan 13, 2020 •

edited

Loading

a-martynovich Jan 16, 2020 •

edited

Loading