[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: faster tracker data processing

Florian Weimer wrote:

> * Raphael Geissert:
> 
>> If that's not desirable, maybe a concept of "HINT"s could be introduced,
>> where the script that updates the CVE/list file from the CVE db
>> automatically adds HINTs of possibly affected packages based on the
>> embedded-code-copies files, the technique used by the check-new-issues
>> (apt-cache search), and a simple file that could be used to associate
>> full project names with a package name (say "Alvaro's Messenger" with
>> "amsn").
> 
> NVD does some of that already.  For an example, see "Vulnerable
> software and versions" under:
> 
> <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1895>
> 
> There are quite a few CPE names already: <http://nvd.nist.gov/cpe.cfm>
> 
> If that data is reasonably current (it's also available over XML), we
> could generate (PTS) alerts based on that.  The advantage is that CPE
> is normalized, while CVE descriptions aren't (I tried to build a Naive
> Bayesian classifier once, but it did not work that well).

It might be worth taking a looking at it, but I expect we will still need
some sort of mapping between the CPE names and the Debian packages names.

Cheers,
-- 
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
Reply to: