From e5086819c4edd179d422f05324bb25aec73a00d5 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Thu, 9 Nov 2023 23:19:31 +0100 Subject: check-external: update: Gather CVE from the Red Hat Security Data API endpoint As the bugzilla query cannot reliably deliver CVE information anymore and the metadata export has been discontinued switch to gather the Red Hat known CVEs from the Red Hat Security Data API endpoint instread. Link: https://www.redhat.com/en/blog/future-red-hat-security-data Link: https://access.redhat.com/documentation/en-us/red_hat_security_data_api/1.0/html/red_hat_security_data_api/index Signed-off-by: Salvatore Bonaccorso --- check-external/update.sh | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/check-external/update.sh b/check-external/update.sh index 10402da1dd..2c068e0910 100755 --- a/check-external/update.sh +++ b/check-external/update.sh @@ -49,9 +49,10 @@ wget -O redhat-bugzilla.html 'https://bugzilla.redhat.com/buglist.cgi?classifica # Some extra data is readily available as an xml file (until 2023-11-08) # discontinued as per https://www.redhat.com/en/blog/future-red-hat-security-data # last archived version: https://access.redhat.com/security/data/archive/cve-metadata-from-bugzilla_20231108.xml -#wget -N https://www.redhat.com/security/data/metrics/cve-metadata-from-bugzilla.xml -#cat redhat-bugzilla.html cve-metadata-from-bugzilla.xml | -cat redhat-bugzilla.html | +# Gather data from Red Hat Security Data API instead +# https://access.redhat.com/documentation/en-us/red_hat_security_data_api/1.0/html/red_hat_security_data_api/index +curl -s https://access.redhat.com/hydra/rest/securitydata/cve.json?per_page=1000000 | jq -r '.[] | .CVE' > redhat-security-data-api.list +cat redhat-bugzilla.html redhat-security-data-api.list | perl -ne 'print "$1\n" while (s/(CVE-[12][0-9]{3}-[0-9]{4,})//);' | sort -u > cve.list check_list cve.list -- cgit v1.2.3