From b0f93002d2319597512d521f23d859e7082d8879 Mon Sep 17 00:00:00 2001 From: CoprDistGit Date: Thu, 23 Feb 2023 08:02:42 +0000 Subject: automatic import of python3-advisory-parser --- .gitignore | 1 + python-advisory-parser.spec | 153 ++++++++++++++++++++++++++++++++++++++++++++ sources | 1 + 3 files changed, 155 insertions(+) create mode 100644 python-advisory-parser.spec create mode 100644 sources diff --git a/.gitignore b/.gitignore index e69de29..1e68b0a 100644 --- a/.gitignore +++ b/.gitignore @@ -0,0 +1 @@ +/advisory-parser-1.12.tar.gz diff --git a/python-advisory-parser.spec b/python-advisory-parser.spec new file mode 100644 index 0000000..4265b73 --- /dev/null +++ b/python-advisory-parser.spec @@ -0,0 +1,153 @@ +%global _empty_manifest_terminate_build 0 +Name: python-advisory-parser +Version: 1.12 +Release: 1 +Summary: Security flaw parser for upstream security advisories +License: LGPLv3+ +URL: https://github.com/RedHatProductSecurity/advisory-parser +Source0: https://files.pythonhosted.org/packages/09/b0/63971338a60f5cf26d943a1f0796560d9a09e8c49830d343823ed11cf387/advisory-parser-1.12.tar.gz +BuildArch: noarch + +Requires: python3-beautifulsoup4 + +%description +This library allows you to parse data from security advisories of certain +projects to extract information about security issues. The parsed +information includes metadata such as impact, CVSS score, summary, +description, and others; for a full list, see the +``advisory_parser/flaw.py`` file. +**DISCLAIMER**: Much of the advisory parsing is fairly fragile. Because web +pages change all the time, it is not uncommon for parsers to break when a +page is changed in some way. Also, the advisory parsers only work with the +latest version of the advisory pages. +The need for parsing raw security advisories in this way could be avoided +if vendors provided their security pages in a machine readable (and +preferably standardized) format. An example of this would be Red Hat's +security advisories that can be pulled in from a separate Security Data API +(`RHSA-2016:1883.json `_) +or downloaded as an XML file +(`cvrf-rhsa-2016-1883.xml `_), +or OpenSSL's list of issues available in XML +(`vulnerabilities.xml `_). +If you are a vendor or an upstream project owner interested in providing +your security advisories in a machine readable format and don't know where +to start, feel free to reach out to mprpic@redhat.com. +Currently available parsers include: + "Google Chrome", ``_ + "Adobe Flash", ``_ + "Jenkins", "" + "MySQL", ``_ + "phpMyAdmin", "" + "Wireshark", "" + +%package -n python3-advisory-parser +Summary: Security flaw parser for upstream security advisories +Provides: python-advisory-parser +BuildRequires: python3-devel +BuildRequires: python3-setuptools +%description -n python3-advisory-parser +This library allows you to parse data from security advisories of certain +projects to extract information about security issues. The parsed +information includes metadata such as impact, CVSS score, summary, +description, and others; for a full list, see the +``advisory_parser/flaw.py`` file. +**DISCLAIMER**: Much of the advisory parsing is fairly fragile. Because web +pages change all the time, it is not uncommon for parsers to break when a +page is changed in some way. Also, the advisory parsers only work with the +latest version of the advisory pages. +The need for parsing raw security advisories in this way could be avoided +if vendors provided their security pages in a machine readable (and +preferably standardized) format. An example of this would be Red Hat's +security advisories that can be pulled in from a separate Security Data API +(`RHSA-2016:1883.json `_) +or downloaded as an XML file +(`cvrf-rhsa-2016-1883.xml `_), +or OpenSSL's list of issues available in XML +(`vulnerabilities.xml `_). +If you are a vendor or an upstream project owner interested in providing +your security advisories in a machine readable format and don't know where +to start, feel free to reach out to mprpic@redhat.com. +Currently available parsers include: + "Google Chrome", ``_ + "Adobe Flash", ``_ + "Jenkins", "" + "MySQL", ``_ + "phpMyAdmin", "" + "Wireshark", "" + +%package help +Summary: Development documents and examples for advisory-parser +Provides: python3-advisory-parser-doc +%description help +This library allows you to parse data from security advisories of certain +projects to extract information about security issues. The parsed +information includes metadata such as impact, CVSS score, summary, +description, and others; for a full list, see the +``advisory_parser/flaw.py`` file. +**DISCLAIMER**: Much of the advisory parsing is fairly fragile. Because web +pages change all the time, it is not uncommon for parsers to break when a +page is changed in some way. Also, the advisory parsers only work with the +latest version of the advisory pages. +The need for parsing raw security advisories in this way could be avoided +if vendors provided their security pages in a machine readable (and +preferably standardized) format. An example of this would be Red Hat's +security advisories that can be pulled in from a separate Security Data API +(`RHSA-2016:1883.json `_) +or downloaded as an XML file +(`cvrf-rhsa-2016-1883.xml `_), +or OpenSSL's list of issues available in XML +(`vulnerabilities.xml `_). +If you are a vendor or an upstream project owner interested in providing +your security advisories in a machine readable format and don't know where +to start, feel free to reach out to mprpic@redhat.com. +Currently available parsers include: + "Google Chrome", ``_ + "Adobe Flash", ``_ + "Jenkins", "" + "MySQL", ``_ + "phpMyAdmin", "" + "Wireshark", "" + +%prep +%autosetup -n advisory-parser-1.12 + +%build +%py3_build + +%install +%py3_install +install -d -m755 %{buildroot}/%{_pkgdocdir} +if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi +if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi +if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi +if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi +pushd %{buildroot} +if [ -d usr/lib ]; then + find usr/lib -type f -printf "/%h/%f\n" >> filelist.lst +fi +if [ -d usr/lib64 ]; then + find usr/lib64 -type f -printf "/%h/%f\n" >> filelist.lst +fi +if [ -d usr/bin ]; then + find usr/bin -type f -printf "/%h/%f\n" >> filelist.lst +fi +if [ -d usr/sbin ]; then + find usr/sbin -type f -printf "/%h/%f\n" >> filelist.lst +fi +touch doclist.lst +if [ -d usr/share/man ]; then + find usr/share/man -type f -printf "/%h/%f.gz\n" >> doclist.lst +fi +popd +mv %{buildroot}/filelist.lst . +mv %{buildroot}/doclist.lst . + +%files -n python3-advisory-parser -f filelist.lst +%dir %{python3_sitelib}/* + +%files help -f doclist.lst +%{_docdir}/* + +%changelog +* Thu Feb 23 2023 Python_Bot - 1.12-1 +- Package Spec generated diff --git a/sources b/sources new file mode 100644 index 0000000..39b4aad --- /dev/null +++ b/sources @@ -0,0 +1 @@ +5b3eca786bb3a5c16a2e821aa1395ed8 advisory-parser-1.12.tar.gz -- cgit v1.2.3