From 1be510f9529cb082f802408b472a77d074b394c0 Mon Sep 17 00:00:00 2001 From: Nicolas Vigier Date: Sun, 14 Apr 2013 13:46:12 +0000 Subject: Add zarb MLs html archives --- zarb-ml/mageia-dev/2011-June/006094.html | 130 +++++++++++++++++++++++++++++++ 1 file changed, 130 insertions(+) create mode 100644 zarb-ml/mageia-dev/2011-June/006094.html (limited to 'zarb-ml/mageia-dev/2011-June/006094.html') diff --git a/zarb-ml/mageia-dev/2011-June/006094.html b/zarb-ml/mageia-dev/2011-June/006094.html new file mode 100644 index 000000000..8649f8f61 --- /dev/null +++ b/zarb-ml/mageia-dev/2011-June/006094.html @@ -0,0 +1,130 @@ + + + + [Mageia-dev] Mageia Advisories Database + + + + + + + + + +

[Mageia-dev] Mageia Advisories Database

+ Romain d'Alverny + rdalverny at gmail.com +
+ Tue Jun 28 15:50:05 CEST 2011 +

+
+ +
Hi,
+
+On Tue, Jun 28, 2011 at 15:34, Samuel Verschelde <stormi at laposte.net> wrote:
+> Le mardi 28 juin 2011 15:20:33, nicolas vigier a écrit :
+>> In order to send updates advisories, and have a web page listing all
+>> previous advisories, we need to create a database to store them.
+>>
+>> So I think it should have the following info for each advisory :
+>>
+>>  - advisory ID: something like MGA-[NUMBER] ?
+>>  - advisory date
+>>  - affected source packages
+>>  - affected distribution versions
+>>  - CVE numbers
+>>  - list of binary packages with sha1sum
+>>  - Mageia Bug #
+>>  - Reference URLs
+>>  - advisory text
+>>
+>> Anything else ?
+
+If using SQL, make sure to normalize the db schema a bit (that is, for
+instance, an advisory table, with a distributions table, and a
+relationship). MDV security advisory web app had a single table, with
+new columns added each time a new release was published and that was
+really not good, neither safe to maintain.
+
+In this perspective, there could be the following tables:
+ - advisories (id, date, text, list of URLs, list of bug #)
+ - distributions (id, name)
+ - source packages (id, name, version)
+ - CVE numbers
+
+Not sure about the rest; depends on the data details and what type of
+queries would be expected:
+ - do we only query after the advisory id or do we plan to have stats
+per distribution, source package?
+ - what screens do you expect?
+ - are there several CVE numbers for a single advisory?
+ - is there a link from source packages and binary packages?
+
+Romain
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+

+ +
+More information about the Mageia-dev +mailing list
+ -- cgit v1.2.1