From ee5ece485d8adaa20698180fdd792e32c2c11af0 Mon Sep 17 00:00:00 2001
From: Raphael Geissert <atomo64@gmail.com>
Date: Wed, 14 Sep 2016 10:00:00 +0000
Subject: Add another bugzilla-based source

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@44581 e39458fd-73e7-0310-bf30-c45bca0a0e42
---
 check-external/update.sh | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'check-external')

diff --git a/check-external/update.sh b/check-external/update.sh
index 6953618f91..ba1f2041c7 100755
--- a/check-external/update.sh
+++ b/check-external/update.sh
@@ -46,7 +46,10 @@ check_list() {
 # but it is sufficient for now to get some additional CVE information
 # from Red Hat source
 wget -O redhat-bugzilla.html 'https://bugzilla.redhat.com/buglist.cgi?classification=Other&component=vulnerability&f1=alias&o1=regexp&product=Security%20Response&query_format=advanced&v1=^CVE-.*&order=priority%2Cbug_severity&limit=0'
-perl -ne 'print "$1\n" while (s/(CVE-[12][0-9]{3}-[0-9]{4,})//);' < redhat-bugzilla.html | sort -u > cve.list
+# Some extra data is readily available as an xml file
+wget -N https://www.redhat.com/security/data/metrics/cve-metadata-from-bugzilla.xml
+cat redhat-bugzilla.html cve-metadata-from-bugzilla.xml |
+perl -ne 'print "$1\n" while (s/(CVE-[12][0-9]{3}-[0-9]{4,})//);' | sort -u > cve.list
 check_list cve.list
 
 # List of issues fixed by each vendor, according to MITRE. Very
-- 
cgit v1.2.3