Skip to content
Permalink
Browse files
Ensure security report version groupings are in order.
Simply sorting by title does not produce correct ordering due to
differences in the lengths of CVE numbers. The groups need to be sorted
by corresponding release date.
  • Loading branch information
mike-jumper committed Jan 18, 2021
1 parent 6771936 commit 6248139169bf3ccd85a1da837a53f1076499bc4f
Showing 2 changed files with 33 additions and 22 deletions.
@@ -0,0 +1,15 @@
{% if include.reports != empty %}
{{ include.title }}
-------------------
<ul>
{% for report in include.reports %}
<li>
<h3 id="{{ report.cve }}">
{{ report.title }}
(<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name={{ report.cve | url_encode }}">{{ report.cve }}</a>)
</h3>
{{ report.content }}
</li>
{% endfor %}
</ul>
{% endif %}
@@ -21,29 +21,25 @@ mailing list of the [ASF Security Team](https://www.apache.org/security/) or
the <security@guacamole.apache.org> mailing list, before disclosing or
discussing the issue in a public forum.

{% assign releases = site.security | group_by: 'fixed' %}
{% assign releases = site.releases | where: 'released', 'true' | sort: 'date' %}
{% for release in releases reversed %}

{% assign asfrelease = site.releases | where: 'title', release.name %}
{% if asfrelease != empty %}
Fixed in Apache Guacamole {{ release.name }}
--------------------------------------------
{% else %}
Fixed in Guacamole {{ release.name }} (pre-Apache release)
----------------------------------------------------------
{% endif %}

<ul>
{% assign reports = release.items | sort: 'title' %}
{% for report in reports %}
<li>
<h3 id="{{ report.cve }}">
{{ report.title }}
(<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name={{ report.cve | url_encode }}">{{ report.cve }}</a>)
</h3>
{{ report.content }}
</li>
{% endfor %}
</ul>
{% assign reports = site.security | where: 'fixed', release.title | sort: 'title' %}
{% capture title %} Fixed in Apache Guacamole {{ release.title }} {% endcapture %}
{% include cve-list.html title=title reports=reports %}

{% endfor %}

{% assign releases = site.legacy-releases | sort: 'date' %}
{% for release in releases reversed %}

{% assign reports = site.security | where: 'fixed', release.title | sort: 'title' %}
{% capture title %} Fixed in Guacamole {{ release.title }} (pre-Apache release) {% endcapture %}
{% include cve-list.html title=title reports=reports %}

{% endfor %}

{% assign reports = site.security | where: 'fixed', '0.6.3' | sort: 'title' %}
{% capture title %} Fixed in Guacamole 0.6.3 (pre-Apache release) {% endcapture %}
{% include cve-list.html title=title reports=reports %}

0 comments on commit 6248139

Please sign in to comment.