[Git][security-tracker-team/security-tracker][master] Disable another discontinued data source from Red Hat

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Nov 9 21:11:55 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d3cbaf2a by Salvatore Bonaccorso at 2023-11-09T22:08:36+01:00
Disable another discontinued data source from Red Hat

Red Hat does not provide anymore CVE metadata from Bugzilla in xml form
for further parsing. Disable it now.

A future update might fetch data from te alterantive new sources.

Link: https://www.redhat.com/en/blog/future-red-hat-security-data
Signed-off-by: Salvatore Bonaccorso <carnil at debian.org>

- - - - -


1 changed file:

- check-external/update.sh


Changes:

=====================================
check-external/update.sh
=====================================
@@ -46,9 +46,12 @@ check_list() {
 # but it is sufficient for now to get some additional CVE information
 # from Red Hat source
 wget -O redhat-bugzilla.html 'https://bugzilla.redhat.com/buglist.cgi?classification=Other&component=vulnerability&f1=alias&o1=regexp&product=Security%20Response&query_format=advanced&v1=^CVE-.*&order=priority%2Cbug_severity&limit=0'
-# Some extra data is readily available as an xml file
-wget -N https://www.redhat.com/security/data/metrics/cve-metadata-from-bugzilla.xml
-cat redhat-bugzilla.html cve-metadata-from-bugzilla.xml |
+# Some extra data is readily available as an xml file (until 2023-11-08)
+# discontinued as per https://www.redhat.com/en/blog/future-red-hat-security-data
+# last archived version: https://access.redhat.com/security/data/archive/cve-metadata-from-bugzilla_20231108.xml
+#wget -N https://www.redhat.com/security/data/metrics/cve-metadata-from-bugzilla.xml
+#cat redhat-bugzilla.html cve-metadata-from-bugzilla.xml |
+cat redhat-bugzilla.html |
 perl -ne 'print "$1\n" while (s/(CVE-[12][0-9]{3}-[0-9]{4,})//);' | sort -u > cve.list
 check_list cve.list
 



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d3cbaf2a7679ea3457ba86bbd540ef891519a48c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d3cbaf2a7679ea3457ba86bbd540ef891519a48c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231109/f2e74071/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list