From a7c7de8db1c3312513d5274a71edee2138cdfaef Mon Sep 17 00:00:00 2001 From: Lucas Moura Date: Mon, 7 Oct 2024 15:43:56 -0300 Subject: [PATCH] fix: use USNs directly from the CVE response We need to fetch the USNs related to a CVE to extract the ubuntu version of the packages affected by the CVE. In the past, we where running another request to fetch all USNs related to the CVEs. To make this process less demanding on the API side, we are now relaying on the related USNs already delivered by the CVE endpoint instead --- uaclient/api/u/pro/security/fix/_common/plan/v1.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/uaclient/api/u/pro/security/fix/_common/plan/v1.py b/uaclient/api/u/pro/security/fix/_common/plan/v1.py index ead43d8d74..730ab07ab8 100644 --- a/uaclient/api/u/pro/security/fix/_common/plan/v1.py +++ b/uaclient/api/u/pro/security/fix/_common/plan/v1.py @@ -742,7 +742,7 @@ def _get_cve_data( ) -> Tuple[CVE, List[USN]]: try: cve = client.get_cve(cve_id=issue_id) - usns = client.get_notices(cves=issue_id) + usns = cve.notices except exceptions.SecurityAPIError as e: if e.code == 404: raise exceptions.SecurityIssueNotFound(issue_id=issue_id)