1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<TITLE> [Mageia-dev] Mageia Advisories Database
</TITLE>
<LINK REL="Index" HREF="index.html" >
<LINK REL="made" HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20Mageia%20Advisories%20Database&In-Reply-To=%3CBANLkTim4ChubzN%2BeGyn3S7WwrNBqK%2B16Og%40mail.gmail.com%3E">
<META NAME="robots" CONTENT="index,nofollow">
<META http-equiv="Content-Type" content="text/html; charset=us-ascii">
<LINK REL="Previous" HREF="006093.html">
<LINK REL="Next" HREF="006096.html">
</HEAD>
<BODY BGCOLOR="#ffffff">
<H1>[Mageia-dev] Mageia Advisories Database</H1>
<B>Romain d'Alverny</B>
<A HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20Mageia%20Advisories%20Database&In-Reply-To=%3CBANLkTim4ChubzN%2BeGyn3S7WwrNBqK%2B16Og%40mail.gmail.com%3E"
TITLE="[Mageia-dev] Mageia Advisories Database">rdalverny at gmail.com
</A><BR>
<I>Tue Jun 28 15:50:05 CEST 2011</I>
<P><UL>
<LI>Previous message: <A HREF="006093.html">[Mageia-dev] Mageia Advisories Database
</A></li>
<LI>Next message: <A HREF="006096.html">[Mageia-dev] Mageia Advisories Database
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#6094">[ date ]</a>
<a href="thread.html#6094">[ thread ]</a>
<a href="subject.html#6094">[ subject ]</a>
<a href="author.html#6094">[ author ]</a>
</LI>
</UL>
<HR>
<!--beginarticle-->
<PRE>Hi,
On Tue, Jun 28, 2011 at 15:34, Samuel Verschelde <<A HREF="https://www.mageia.org/mailman/listinfo/mageia-dev">stormi at laposte.net</A>> wrote:
><i> Le mardi 28 juin 2011 15:20:33, nicolas vigier a écrit :
</I>>><i> In order to send updates advisories, and have a web page listing all
</I>>><i> previous advisories, we need to create a database to store them.
</I>>><i>
</I>>><i> So I think it should have the following info for each advisory :
</I>>><i>
</I>>><i>  - advisory ID: something like MGA-[NUMBER] ?
</I>>><i>  - advisory date
</I>>><i>  - affected source packages
</I>>><i>  - affected distribution versions
</I>>><i>  - CVE numbers
</I>>><i>  - list of binary packages with sha1sum
</I>>><i>  - Mageia Bug #
</I>>><i>  - Reference URLs
</I>>><i>  - advisory text
</I>>><i>
</I>>><i> Anything else ?
</I>
If using SQL, make sure to normalize the db schema a bit (that is, for
instance, an advisory table, with a distributions table, and a
relationship). MDV security advisory web app had a single table, with
new columns added each time a new release was published and that was
really not good, neither safe to maintain.
In this perspective, there could be the following tables:
- advisories (id, date, text, list of URLs, list of bug #)
- distributions (id, name)
- source packages (id, name, version)
- CVE numbers
Not sure about the rest; depends on the data details and what type of
queries would be expected:
- do we only query after the advisory id or do we plan to have stats
per distribution, source package?
- what screens do you expect?
- are there several CVE numbers for a single advisory?
- is there a link from source packages and binary packages?
Romain
</PRE>
<!--endarticle-->
<HR>
<P><UL>
<!--threads-->
<LI>Previous message: <A HREF="006093.html">[Mageia-dev] Mageia Advisories Database
</A></li>
<LI>Next message: <A HREF="006096.html">[Mageia-dev] Mageia Advisories Database
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#6094">[ date ]</a>
<a href="thread.html#6094">[ thread ]</a>
<a href="subject.html#6094">[ subject ]</a>
<a href="author.html#6094">[ author ]</a>
</LI>
</UL>
<hr>
<a href="https://www.mageia.org/mailman/listinfo/mageia-dev">More information about the Mageia-dev
mailing list</a><br>
</body></html>
|
