Bug#761859: security-tracker json deployed

2015-03-09 Thread Holger Levsen
Hi, On Freitag, 27. Februar 2015, Paul Wise wrote: To clarify, I was suggesting keep the version numbers in the repositories section but only keep fixed version numbers in the releases section. Also, the fixed version numbers appear to be incorrect, for example the website says CVE-2012-6656

Bug#761859: security-tracker json deployed

2015-03-09 Thread Raphael Hertzog
On Mon, 09 Mar 2015, Holger Levsen wrote: I dont, as I've converted the previous yaml output to json, because I liked the humand readability of the result... Even for the YAML output I would have used a YAML library, so it doesn't make more sense for me :-) That said your repositories field

Re: Bug#761859: security-tracker json deployed

2015-03-09 Thread Holger Levsen
Hi, On Montag, 9. März 2015, Raphael Hertzog wrote: But I wonder why you have such problems? Aren't you storing the result in memory and then letting a json lib output the data? I dont, as I've converted the previous yaml output to json, because I liked the humand readability of the result...

Bug#761859: security-tracker json deployed

2015-03-09 Thread Holger Levsen
Hi, On Montag, 9. März 2015, Raphael Hertzog wrote: I don't understand. IIRC we said the content of repositories and releases was supposed to have the same structure. The only difference was that it applied to different versions of packages. I think the confusion might be because you stated

Bug#761859: security-tracker json deployed

2015-03-09 Thread Holger Levsen
Hi, I have deployed this now. It might be that fixed_version=0 means not affected but i'm not sure yet and my mind wants a break (for a moment)... cheers, Holger signature.asc Description: This is a digitally signed message part.

Bug#761859: security-tracker json deployed

2015-03-09 Thread Holger Levsen
Hi Florian, On Donnerstag, 26. Februar 2015, Florian Weimer wrote: There used to be a job that downloaded the full description from the NVD web service and put it into the nvd_data table (update-nvd and DB.updateNVD()). The web service looks at this table and prefers the descriptions found

Bug#761859: security-tracker json deployed

2015-03-09 Thread Raphael Hertzog
Hi, On Thu, 26 Feb 2015, Holger Levsen wrote: so I've deployed my patches now and you can get json at https://security-tracker.debian.org/tracker/data/json now. I haven't tested the output against a json validator yet... so feedback welcome and I do expect some more work to do... Yeah, a

External check

2015-03-09 Thread Raphael Geissert
CVE-2015-1783: RESERVED -- The output might be a bit terse, but the above ids are known elsewhere, check the references in the tracker. The second part indicates the status of that id in the tracker at the moment the script was run. -- To UNSUBSCRIBE, email to