diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2018-06-10 08:59:50 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2018-06-10 08:59:50 +0200 |
commit | 240e8b95b294318a08b4bb98b7e3547ed2bdc0f3 (patch) | |
tree | 6c0138b348f21049d15d001c64c92881e018fb49 /doc | |
parent | 06f8fb550fc8e74e33d4d8e3c6ce928f42e6b83b (diff) | |
parent | a0c205800723e54d383c1cb54969e4da3922edfb (diff) |
Merge branch 'pochu/security-tracker-wip/extends'
Diffstat (limited to 'doc')
-rw-r--r-- | doc/security-team.d.o/security_tracker | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/doc/security-team.d.o/security_tracker b/doc/security-team.d.o/security_tracker index eeea313ca8..cb91082bf7 100644 --- a/doc/security-team.d.o/security_tracker +++ b/doc/security-team.d.o/security_tracker @@ -612,3 +612,23 @@ The following commands build the databases for stable and run a python local ser make serve The website is now available as `http://127.0.0.1:10605/tracker/`. + +Setting up an extended instance +------------------------------- + +The security tracker supports extra sources of data, which can be used +to override or extend the information in CVE/list, and to support your +own announce lists. To do that, add a CVEExtendFile source to +`data/config.json`. Entries in that file can add information to an +existing CVE, e.g. to mark it as fixed or ignored, or to mark it as +affecting additional source packages. For example: + +CVE-2018-11646 + - webkitgtk <unfixed> +CVE-2016-1000340 + [wheezy] - bouncycastle <not-affected> (Vulnerable code introduced later) + +You can also add an announce list of type DSAFile to `data/config.json`, +and then symlink `bin/gen-DSA` to e.g. `bin/gen-MySA` and use that to +create new advisories under your namespace. For that you will need to +add a `data/mysa-needed.txt` file and `doc/MYSA.template`. |