Skip to content

Sort CVEs as versions

Sylvain Beucler requested to merge (removed):version_sort into master

Follow-up to !76 (merged):

carnil: I realized that though the other CVE listings will still be wrong (e.g. suite specific open CVEs, etc).

While investigating an unrelated issue, I realized that the current tracker code makes use of db.createcollation to connect a custom Python sort function in the SQLite bindings, which allows for a more elegant and general solution, while following an existing practice in the code base.

https://salsa.debian.org/security-tracker-team/security-tracker/-/blob/master/lib/python/security_db.py#L650
https://salsa.debian.org/security-tracker-team/security-tracker/-/blob/master/lib/python/security_db.py#L1893

This patch applies COLLATE version (which sorts like dpkg) to queries that sort by bug name.

Note: I tested that the package and the suite-specific pages now have a correct sorting order, however there are numerous other places where the queries were updated but I could not find exactly where to test. So alternatively I can submit a less general patch with just those 2 pages fixed.

Edited by Sylvain Beucler

Merge request reports

Loading