Hi, I had an idea the security tracker folks might like to turn into a GSoC/Outreachy project, hoping one of you would be willing to take on mentoring for it. I've written up the idea here: https://wiki.debian.org/SummerOfCode2015/ProjectProposals/SecurityTrackerCheckExternal I would structure it such that there is a config file containing data sources and Python code that can deal with common data source types. Here are some data sources and other info as an example of that: [redhat] type = cve year = 1999-now download = https://www.redhat.com/security/data/cve/cve-{year}.html url = https://access.redhat.com/security/cve/{cve} [mitre] type = cve vendor = SUSE DEBIAN GENTOO FEDORA REDHAT UBUNTU download = https://cve.mitre.org/data/refs/refmap/source-{vendor}.html url = https://cve.mitre.org/cgi-bin/cvename.cgi?name={cve} [gnutls] type = id download = http://www.gnutls.org/security.html url = http://www.gnutls.org/security.html#{id} id-match = GNUTLS-SA-[0-9]{4,}-[0-9]+ [drupal-core] type = id download = https://www.drupal.org/security url = https://www.drupal.org/{id} id-match = SA-CORE-[0-9]{4,}-[0-9]+ prefix = DRUPAL- [drupal-contrib] type = url download = https://www.drupal.org/security id-match = SA-CONTRIB-[0-9]{4,}-[0-9]+ prefix = DRUPAL- [nodesecurity] type = url download = https://nodesecurity.io/advisories href-match = /advisories/[a-z_]+ link = download [redmine] type = diff-text download = https://www.redmine.org/projects/redmine/wiki/Security_Advisories [jvn] type = id download = https://jvn.jp/en/jp/all.html id-match = JVN#[0-9A-F]{8,} url = https://jvn.jp/en/jp/{id}/ [lwn] type = ? download = ? text-match = [Ss]ecurity.(updates|advisories) -- bye, pabs https://wiki.debian.org/PaulWise
Attachment:
signature.asc
Description: This is a digitally signed message part