From: Red Hat Product Security <secalert@redhat.com>
To: j@appcanary.com
Subject: [engineering.redhat.com #445284] question about the security data api
Date: Tue 09 May 2017 10:39:17 AM EDT
Hi Jonathan,
Sorry for the delay caused on my part! Here are the answers for your questions:
On Wed Apr 26 17:26:07 2017, amaris@redhat.com wrote:
> On Tue Apr 25 21:01:41 2017, j@appcanary.com wrote:
> > Hi folks
> >
> > I'm writing an importer for RH Security Advisories, and using your new
> > security data API and I have questions about the `before` and `after`
> > parameters, particularly in the case of CVRF docs.
> >
> > First question: is it possible for an exising RHSA to be updated (i.e.,
> > are they mutable)?
Yes, it is possible, but it's quite a rare event. That said, it has already
happened and it most likely will happen in the future as well.
> >
> > Second: if so, will an old RHSA, say, created 1 year ago, which has been
> > updated today, be successfully retrieved by a query which has an `after`
> > parameter of yesterday.
No, parameters `after` and `before` correspond to release date.
> >
> > Third: if not, is there any other way to retrieve CVRF docs which have
> > been modbified?
As of now, unfortunately not.
Best Regards,
--
Adam Mariš / Red Hat Product Security
Based on the following benchmark, for the entire import, subsequent import of the last 6 months, and then overthe last year, I've gone with a 6 month query.
See the following exchange with RH Security:
Based on the following benchmark, for the entire import, subsequent import of the last 6 months, and then overthe last year, I've gone with a 6 month query.