[Git][security-tracker-team/security-tracker][master] 2 commits: Remove "NVD severity" from the web UI

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu May 19 20:04:20 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5d94e0ca by Tianon Gravi at 2022-05-17T21:43:23-07:00
Remove "NVD severity" from the web UI

This is really misleading for users as it represents NVD's opinion on the severity of CVEs, but does *not* necessarily reflect the views of the Debian Security Team (and is often misconstrued by users as though it does).

There should probably also be deeper database changes to no longer store this value, but removing it from the website seems like a good (small) place to start.

- - - - -
a6782167 by Salvatore Bonaccorso at 2022-05-19T19:04:15+00:00
Merge branch 'users/tianon/nvd-severity' into 'master'

Remove "NVD severity" from the web UI

See merge request security-tracker-team/security-tracker!106
- - - - -


1 changed file:

- bin/tracker_service.py


Changes:

=====================================
bin/tracker_service.py
=====================================
@@ -429,15 +429,6 @@ data source.""")],
             if xref:
                 yield B("References"), self.make_xref_list(url, xref)
 
-            if nvd:
-                nvd_range = nvd.rangeString()
-                if nvd.severity:
-                    nvd_severity = nvd.severity.lower()
-                    if nvd_range:
-                        nvd_severity = "%s (attack range: %s)" \
-                                       % (nvd_severity, nvd_range)
-                    yield B("NVD severity"), nvd_severity
-
             debian_bugs = bug.getDebianBugs(cursor)
             if debian_bugs:
                 yield (B("Debian Bugs"),



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/e92ac734c6f3425a000ab99caed53dd887286e55...a67821674692780ca4abce039f4967c84d79dabc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/e92ac734c6f3425a000ab99caed53dd887286e55...a67821674692780ca4abce039f4967c84d79dabc
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220519/62c2fd09/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list