search

aboutcode-org / vulnerablecode

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/
https://public.vulnerablecode.io
Apache License 2.0
536 stars 201 forks source link

Deprecate yaml format for SUSE importer and ingest data in CSAF, OVAL or CVRF format #1079

Open TG1999 opened 1 year ago

TG1999 commented 1 year ago

This reply is from Marcus Meissner from Suse

Hi,

FWIW.  the backports data in the yaml directory is no longer generated
and I have now deleted the data. Our PM only wishes that we publish data
in standard formats.

As Alexander writes, please use our OVAL, CVRF or CSAF data preferably.

The YAML file with the CVSS scores will stay however for ease of
consumption.

Ciao, Marcus

Suse has dropped the support for backport data from the YAML folder, so the suse-backport importer that we were migrating will not be able to import any data. We will drop this importer and write a new importer post-migration for ingesting data from OVAL, CVRF, or CSAF data format.

tschmidtb51 commented 1 year ago

The CSAF files for Suse are avaiable at: https://ftp.suse.com/pub/projects/security/csaf/