fix(debian): handle severity properly (#109)

* test(debian): add a failure case * fix(debian): handle severity
2021-09-28 09:48:35 +03:00 · 2021-09-28 09:48:35 +03:00 · cccad02d55
commit cccad02d55
parent 127afe7c71
3 changed files with 8 additions and 3 deletions
--- a/debian/tracker/annotation.go
+++ b/debian/tracker/annotation.go
@ -186,7 +186,11 @@ func parseInner(inner string) (string, int) {
 	// e.g. (bug #1345; low)
 	for _, ann := range strings.Split(inner, ";") {
 		// Parse severity
-		severity = severityRegexp.FindString(ann)
+		s := severityRegexp.FindString(ann)
+		if s != "" {
+			severity = s
+			continue
+		}

 		// Parse bug number
 		match := bugNoRegexp.FindStringSubmatch(ann)
--- a/debian/tracker/debian_test.go
+++ b/debian/tracker/debian_test.go
@ -132,12 +132,13 @@ func TestClient_Update(t *testing.T) {
 					},
 					Annotations: []*tracker.Annotation{
 						{
-							Original: "- putty 0.75-3 (bug #990901)",
+							Original: "- putty 0.75-3 (low; bug #990901)",
 							Line:     11,
 							Type:     "package",
 							Version:  "0.75-3",
 							Kind:     "fixed",
 							Package:  "putty",
+							Severity: "low",
 							BugNo:    990901,
 						},
 						{
--- a/debian/tracker/testdata/happy/data/CVE/list
+++ b/debian/tracker/testdata/happy/data/CVE/list
@ -8,6 +8,6 @@ CVE-2021-36373 (When reading a specially crafted TAR archive an Apache Ant build
        NOTE: Crash in CLI tool, no security impact

 CVE-2021-36367 (PuTTY through 0.75 proceeds with establishing an SSH session even if i ...)
-        - putty 0.75-3 (bug #990901)
+        - putty 0.75-3 (low; bug #990901)
        [bullseye] - putty <no-dsa> (Minor issue)
        [buster] - putty <no-dsa> (Minor issue)