Re: Guidance for CVE triage and listing packages in dla-needed.txt
Hi Ola,
On Wed, Apr 10, 2024 at 09:42:48PM +0200, Ola Lundqvist wrote:
>
> You can see that in 1 year and 3 months we have fixed
> 2023: 58
> 2022: 15
> 2021: 78
> 2020: 11
> 2019: 1
>
> Total (not counting CVEs for 2018 and earlier) 162.
>
> It is still a low number.
>
> And I think I found the counting mishap. :-)
>
I think that your counting method is still faulty:
$ for c in $(seq 2023 -1 2019) ; do echo -n "${c}: " ; egrep "CVE[-]${c}" ../security-tracker/data/DLA/list | sed -r -e 's/[^-A-Z0-9 ]//g' -e 's/ /\n/g' | egrep "CVE[-]${c}" | sort -u | wc -l ; done
2023: 643
2022: 962
2021: 900
2020: 1098
2019: 983
Regards,
-Roberto
--
Roberto C. Sánchez
Reply to: