diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2023-11-16 22:35:14 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2023-11-20 17:43:06 +0100 |
commit | cb931c6f4ba55696010819b046cace471ef460d4 (patch) | |
tree | ea9d4f6cd7e431fc8cd2bb39c21a9da5dcea276a | |
parent | e5086819c4edd179d422f05324bb25aec73a00d5 (diff) |
check-external: update: Disable fetching from Red Hat Bugzilla
Signed-off-by: Salvatore Bonaccorso <carnil@debian.org>
-rwxr-xr-x | check-external/update.sh | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/check-external/update.sh b/check-external/update.sh index 2c068e0910..52e7c001d4 100755 --- a/check-external/update.sh +++ b/check-external/update.sh @@ -45,14 +45,16 @@ check_list() { # This should be better done via a rewrite and using python-bugzilla # but it is sufficient for now to get some additional CVE information # from Red Hat source -wget -O redhat-bugzilla.html 'https://bugzilla.redhat.com/buglist.cgi?classification=Other&component=vulnerability&f1=alias&o1=regexp&product=Security%20Response&query_format=advanced&v1=^CVE-.*&order=priority%2Cbug_severity&limit=0' +# Fetching from RedHat bugzilla via query is unreliable, thus disabled +# on 2023-11-16 for the time beeing. +# wget -O redhat-bugzilla.html 'https://bugzilla.redhat.com/buglist.cgi?classification=Other&component=vulnerability&f1=alias&o1=regexp&product=Security%20Response&query_format=advanced&v1=^CVE-.*&order=priority%2Cbug_severity&limit=0' # Some extra data is readily available as an xml file (until 2023-11-08) # discontinued as per https://www.redhat.com/en/blog/future-red-hat-security-data # last archived version: https://access.redhat.com/security/data/archive/cve-metadata-from-bugzilla_20231108.xml # Gather data from Red Hat Security Data API instead # https://access.redhat.com/documentation/en-us/red_hat_security_data_api/1.0/html/red_hat_security_data_api/index curl -s https://access.redhat.com/hydra/rest/securitydata/cve.json?per_page=1000000 | jq -r '.[] | .CVE' > redhat-security-data-api.list -cat redhat-bugzilla.html redhat-security-data-api.list | +cat redhat-security-data-api.list | perl -ne 'print "$1\n" while (s/(CVE-[12][0-9]{3}-[0-9]{4,})//);' | sort -u > cve.list check_list cve.list |