Sketch out data sources for a possible expansion of the check-external tool.

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@38797 e39458fd-73e7-0310-bf30-c45bca0a0e42

1 files changed, 108 insertions, 0 deletions

diff --git a/check-external/sources.ini b/check-external/sources.ini
new file mode 100644
index 0000000000..d704af3ba1
--- /dev/null
+++ b/check-external/sources.ini
@@ -0,0 +1,108 @@
+# TODO: write a tool that reads this file
+# TODO: and updates CVE info based on it
+
+[redhat]
+year = 1999 ... 2016
+download = https://www.redhat.com/security/data/cve/cve-{year}.html
+url = https://access.redhat.com/security/cve/{id}
+match = CVE-[0-9]{4,}-[0-9]+
+select = match
+
+[mitre]
+vendor = SUSE DEBIAN GENTOO FEDORA REDHAT UBUNTU
+download = https://cve.mitre.org/data/refs/refmap/source-{vendor}.html
+url = https://cve.mitre.org/cgi-bin/cvename.cgi?name={id}
+match = CVE-[0-9]{4,}-[0-9]+
+select = match
+
+[gnutls]
+download = http://www.gnutls.org/security.html
+url = http://www.gnutls.org/security.html#{id}
+match = GNUTLS-SA-[0-9]{4,}-[0-9]+
+select = match
+
+[drupal-core]
+type = id
+page = 0 ... 6
+download = https://www.drupal.org/security?page={page}
+url = https://www.drupal.org/{id}
+match = SA-CORE-[0-9]{4,}-[0-9]+
+match-to-id = s/^/DRUPAL-/
+id-to-slug = s/^DRUPAL-//
+select = match
+
+[drupal-contrib]
+page = 0 ... 96
+download = https://www.drupal.org/security/contrib?page={page}
+match = SA-CONTRIB-[0-9]{4,}-[0-9]+
+match-to-id = s/^/DRUPAL-/
+select = href
+
+[drupal-psa]
+page = 0 ... 1
+download = https://www.drupal.org/security/psa?page={page}
+url = https://www.drupal.org/{slug}
+match = PSA-[0-9]{4,}-[0-9]+
+match-to-id = s/^/DRUPAL-/
+id-to-slug = s/^DRUPAL-//
+select = match
+
+[nodesecurity]
+download = https://nodesecurity.io/advisories
+match = /advisories/[a-z_]+
+match-attr = href
+url = https://nodesecurity.io{match}
+
+[redmine]
+type = diff
+download = https://www.redmine.org/projects/redmine/wiki/Security_Advisories
+
+[jvn]
+type = id
+download = https://jvn.jp/en/jp/all.html
+url = https://jvn.jp/en/jp/{id}/
+match = JVN#[0-9A-F]{8,}
+id-to-slug = s/#//
+
+[lwn]
+type = 
+download = 
+text-match = [Ss]ecurity.(updates|advisories)
+
+[owncloud]
+download = https://owncloud.org/security/advisories/
+url = https://owncloud.org/security/advisory?id={slug}
+match = oC-SA-[0-9]{4,}-[0-9]+
+id-to-slug = s/.*/\L&/
+
+[cacti]
+download = http://bugs.cacti.net/csv_export.php
+url = http://bugs.cacti.net/view.php?id={slug}
+select-to-slug = s/^000//
+format = csv
+match-field = Category
+match = Security
+select = Id
+
+[wireshark]
+download = https://www.wireshark.org/security/
+url = https://www.wireshark.org/security/{id}.html
+match = wnpa-sec-[0-9]{4,}-[0-9]{2,}
+
+[exim]
+download = https://bugs.exim.org/buglist.cgi?bug_severity=security&bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&bug_status=VERIFIED&product=Exim&ctype=csv
+url = https://bugs.exim.org/show_bug.cgi?id={id}
+format = csv
+select = bug_id
+
+[pcre]
+download = https://bugs.exim.org/buglist.cgi?bug_severity=security&bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&bug_status=VERIFIED&product=PCRE&ctype=csv
+url = https://bugs.exim.org/show_bug.cgi?id={id}
+format = csv
+select = bug_id
+
+[xen]
+download = http://xenbits.xen.org/xsa/
+url = http://xenbits.xen.org/xsa/advisory-{slug}.html
+id-to-slug = s/^XSA-//
+match = XSA-[0-9]{3,}