blob: 82a9c2fdd1782f10d6adb65714eb664e42371d40 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<TITLE> [Mageia-dev] Mageia Advisories Database
</TITLE>
<LINK REL="Index" HREF="index.html" >
<LINK REL="made" HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20Mageia%20Advisories%20Database&In-Reply-To=%3C1309275187.31611.43.camel%40akroma.ephaone.org%3E">
<META NAME="robots" CONTENT="index,nofollow">
<META http-equiv="Content-Type" content="text/html; charset=us-ascii">
<LINK REL="Previous" HREF="006107.html">
<LINK REL="Next" HREF="006110.html">
</HEAD>
<BODY BGCOLOR="#ffffff">
<H1>[Mageia-dev] Mageia Advisories Database</H1>
<B>Michael Scherer</B>
<A HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20Mageia%20Advisories%20Database&In-Reply-To=%3C1309275187.31611.43.camel%40akroma.ephaone.org%3E"
TITLE="[Mageia-dev] Mageia Advisories Database">misc at zarb.org
</A><BR>
<I>Tue Jun 28 17:33:07 CEST 2011</I>
<P><UL>
<LI>Previous message: <A HREF="006107.html">[Mageia-dev] Mageia Advisories Database
</A></li>
<LI>Next message: <A HREF="006110.html">[Mageia-dev] Mageia Advisories Database
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#6108">[ date ]</a>
<a href="thread.html#6108">[ thread ]</a>
<a href="subject.html#6108">[ subject ]</a>
<a href="author.html#6108">[ author ]</a>
</LI>
</UL>
<HR>
<!--beginarticle-->
<PRE>Le mardi 28 juin 2011 à 16:23 +0200, Christiaan Welvaart a écrit :
><i> On Tue, 28 Jun 2011, nicolas vigier wrote:
</I>><i>
</I>><i> > In order to send updates advisories, and have a web page listing all
</I>><i> > previous advisories, we need to create a database to store them.
</I>><i> >
</I>><i> > So I think it should have the following info for each advisory :
</I>><i> >
</I>><i> > - advisory ID: something like MGA-[NUMBER] ?
</I>><i> > - advisory date
</I>><i> > - affected source packages
</I>><i> > - affected distribution versions
</I>><i> > - CVE numbers
</I>><i> > - list of binary packages with sha1sum
</I>Is there people that really check them ?
( since there is already gpg and checksum in rpm that can be checked
automatically, I do not see the point in having this when it requires
another manual check )
><i> > - Mageia Bug #
</I>><i> > - Reference URLs
</I>><i> > - advisory text
</I>><i> >
</I>><i> > Anything else ?
</I>><i>
</I>><i> - severity
</I>Adding severity would requires us to have precise rules about it, and
would not mean much, and likely lots of bike shedding about it.
And also, what is the use precisely ?
><i> - whether this is a security issue or a non-security bugfix
</I>What if there is more than 1 fix ( like a firefox upgrade ) ?
And what's the use ?
I would recommend looking at CVRF and OSVDB, but that's only for
security issues.
--
Michael Scherer
</PRE>
<!--endarticle-->
<HR>
<P><UL>
<!--threads-->
<LI>Previous message: <A HREF="006107.html">[Mageia-dev] Mageia Advisories Database
</A></li>
<LI>Next message: <A HREF="006110.html">[Mageia-dev] Mageia Advisories Database
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#6108">[ date ]</a>
<a href="thread.html#6108">[ thread ]</a>
<a href="subject.html#6108">[ subject ]</a>
<a href="author.html#6108">[ author ]</a>
</LI>
</UL>
<hr>
<a href="https://www.mageia.org/mailman/listinfo/mageia-dev">More information about the Mageia-dev
mailing list</a><br>
</body></html>
|
