From d3cbaf2a7679ea3457ba86bbd540ef891519a48c Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Thu, 9 Nov 2023 22:08:36 +0100 Subject: Disable another discontinued data source from Red Hat Red Hat does not provide anymore CVE metadata from Bugzilla in xml form for further parsing. Disable it now. A future update might fetch data from te alterantive new sources. Link: https://www.redhat.com/en/blog/future-red-hat-security-data Signed-off-by: Salvatore Bonaccorso --- check-external/update.sh | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'check-external') diff --git a/check-external/update.sh b/check-external/update.sh index 4025728e2c..10402da1dd 100755 --- a/check-external/update.sh +++ b/check-external/update.sh @@ -46,9 +46,12 @@ check_list() { # but it is sufficient for now to get some additional CVE information # from Red Hat source wget -O redhat-bugzilla.html 'https://bugzilla.redhat.com/buglist.cgi?classification=Other&component=vulnerability&f1=alias&o1=regexp&product=Security%20Response&query_format=advanced&v1=^CVE-.*&order=priority%2Cbug_severity&limit=0' -# Some extra data is readily available as an xml file -wget -N https://www.redhat.com/security/data/metrics/cve-metadata-from-bugzilla.xml -cat redhat-bugzilla.html cve-metadata-from-bugzilla.xml | +# Some extra data is readily available as an xml file (until 2023-11-08) +# discontinued as per https://www.redhat.com/en/blog/future-red-hat-security-data +# last archived version: https://access.redhat.com/security/data/archive/cve-metadata-from-bugzilla_20231108.xml +#wget -N https://www.redhat.com/security/data/metrics/cve-metadata-from-bugzilla.xml +#cat redhat-bugzilla.html cve-metadata-from-bugzilla.xml | +cat redhat-bugzilla.html | perl -ne 'print "$1\n" while (s/(CVE-[12][0-9]{3}-[0-9]{4,})//);' | sort -u > cve.list check_list cve.list -- cgit v1.2.3