diff options
author | Emilio Pozuelo Monfort <pochu@debian.org> | 2018-06-08 09:46:29 +0200 |
---|---|---|
committer | Emilio Pozuelo Monfort <pochu@debian.org> | 2018-06-08 10:04:21 +0200 |
commit | 27f07ffa9d0eaa3002004452c2e2fd0c72a9e153 (patch) | |
tree | b49a85f5e457d069f1759e83a1a5a6e414001b44 /doc | |
parent | 668eb7b2899a57e528ddf594d44a84338e640afa (diff) |
Document CVE extends support
Diffstat (limited to 'doc')
-rw-r--r-- | doc/security-team.d.o/security_tracker | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/doc/security-team.d.o/security_tracker b/doc/security-team.d.o/security_tracker index eeea313ca8..cb91082bf7 100644 --- a/doc/security-team.d.o/security_tracker +++ b/doc/security-team.d.o/security_tracker @@ -612,3 +612,23 @@ The following commands build the databases for stable and run a python local ser make serve The website is now available as `http://127.0.0.1:10605/tracker/`. + +Setting up an extended instance +------------------------------- + +The security tracker supports extra sources of data, which can be used +to override or extend the information in CVE/list, and to support your +own announce lists. To do that, add a CVEExtendFile source to +`data/config.json`. Entries in that file can add information to an +existing CVE, e.g. to mark it as fixed or ignored, or to mark it as +affecting additional source packages. For example: + +CVE-2018-11646 + - webkitgtk <unfixed> +CVE-2016-1000340 + [wheezy] - bouncycastle <not-affected> (Vulnerable code introduced later) + +You can also add an announce list of type DSAFile to `data/config.json`, +and then symlink `bin/gen-DSA` to e.g. `bin/gen-MySA` and use that to +create new advisories under your namespace. For that you will need to +add a `data/mysa-needed.txt` file and `doc/MYSA.template`. |