Re: Scalable Debian vulnerability tracking [REDUX]
Give me a couple of days to find a version that is not totally unstable.
I'll tar it up, get some brief explanation, and post the URL here. Right
now, the best 1.x stuff is wrapped up in a .deb. I have 2.0b in testing
(on a few machines), but it is showing some bugs. I don't trust my svn
install (haven't tested to see if I set it up correctly).
I did not make myself clear. The UI to view the summaries and reports is
written in PHP. The engines (the client side data gatherer and the
server side parser) are all perl. I don't think I've ever written a
command line PHP script yet.
The big difference between v1 and v2 is that I've gone to xml for the
report from the client to the server, and the UI is being broken up into
modules so people can add/remove more easily (should have done that from
In most cases, I do not consider e-mail to be unreliable. However, there
are some cases where e-mail is less than optimum. So, I plan to allow
https and ftp in the future.
Holger Levsen wrote:
> Hi Sheldon,
> this sounds like an interesting project, please keep us posted!
> On Mittwoch, 7. Januar 2009, Sheldon Hearn wrote:
>> On Wednesday 07 January 2009 00:24:09 R. W. Rodolico wrote:
>>> I have a package that we have been working on for a while that might
>>> be a good starting point.
>>> This is gpl'd, and I would be happy to supply the .deb, the source
>>> tree or svn access if you would like to look at it.
>> Suppressing my knee-jerk reaction to PHP, it sounds like you're quite
>> far down the track with this one. :-)
> sitesummary, as in http://packages.qa.debian.org/s/sitesummary.html might also
> be interested for you to look at. and it's perl, not php.
> On a site note, I dont consider mail to be too unreliable here. First, it's
> actually pretty reliable. Second, just resend the mail the next day / time