Re: faster tracker data processing
Florian Weimer wrote:
> * Raphael Geissert:
>
>> If that's not desirable, maybe a concept of "HINT"s could be introduced,
>> where the script that updates the CVE/list file from the CVE db
>> automatically adds HINTs of possibly affected packages based on the
>> embedded-code-copies files, the technique used by the check-new-issues
>> (apt-cache search), and a simple file that could be used to associate
>> full project names with a package name (say "Alvaro's Messenger" with
>> "amsn").
>
> NVD does some of that already. For an example, see "Vulnerable
> software and versions" under:
>
> <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1895>
>
> There are quite a few CPE names already: <http://nvd.nist.gov/cpe.cfm>
>
> If that data is reasonably current (it's also available over XML), we
> could generate (PTS) alerts based on that. The advantage is that CPE
> is normalized, while CVE descriptions aren't (I tried to build a Naive
> Bayesian classifier once, but it did not work that well).
It might be worth taking a look at it, but I expect we will still need
some sort of mapping between the CPE names and the Debian package names.
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
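
The hint generation discussed in this message, sketched as an added example that is not part of the original e-mail or of the Debian security tracker's code: CPE 2.2 URIs are parsed, matched against a hand-maintained override table first and against known package names second, and anything left over is reported as still needing a mapping. The override entry, the package set and the CPE strings are constructed sample data, and the function names are hypothetical.

```python
from urllib.parse import unquote

def parse_cpe(uri):
    """Split a CPE 2.2 URI (cpe:/part:vendor:product:version:...) into fields."""
    if not uri.startswith("cpe:/"):
        raise ValueError(f"not a CPE 2.2 URI: {uri!r}")
    # Split on ':' before percent-decoding so an encoded colon cannot split a field.
    fields = [unquote(f).lower() for f in uri[len("cpe:/"):].split(":")]
    fields += [""] * (4 - len(fields))          # trailing components are optional
    part, vendor, product, version = fields[:4]
    if part not in ("a", "o", "h") or not product:
        raise ValueError(f"missing part or product: {uri!r}")
    return {"part": part, "vendor": vendor, "product": product, "version": version}

def generate_hints(cpe_uris, overrides, known_packages):
    """Return (hints, unmapped): package names to flag, and CPEs needing a mapping."""
    hints, unmapped = set(), []
    for uri in cpe_uris:
        try:
            cpe = parse_cpe(uri)
        except ValueError:
            unmapped.append(uri)                 # keep malformed input visible
            continue
        key = (cpe["vendor"], cpe["product"])
        if key in overrides:                     # hand-maintained mapping wins
            hints.add(overrides[key])
        elif cpe["product"] in known_packages:   # product name equals a package name
            hints.add(cpe["product"])
        else:
            unmapped.append(uri)
    return sorted(hints), unmapped

# Constructed sample data (assumptions, not taken from NVD or the tracker).
OVERRIDES = {("linux", "linux_kernel"): "linux-2.6"}
KNOWN_PACKAGES = {"amsn", "linux-2.6", "openssl"}
SAMPLE_CPES = [
    "cpe:/o:linux:linux_kernel:2.6.30",
    "cpe:/a:amsn:amsn:0.97",
    "cpe:/a:example_vendor:example_product:1.0",
    "not-a-cpe",
]

if __name__ == "__main__":
    hints, unmapped = generate_hints(SAMPLE_CPES, OVERRIDES, KNOWN_PACKAGES)
    print("HINT:", hints)
    print("needs mapping:", unmapped)
```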