feat(data source): re-enable UBUNTU-CVE- into prod instance

google / osv.dev

Open source vulnerability DB and triage service.

https://osv.dev

Apache License 2.0

1.54k stars 188 forks source link

feat(data source): re-enable UBUNTU-CVE- into prod instance #2635

Closed hogo6002 closed 2 months ago

hogo6002 commented 2 months ago

Add UBUNTU-CVE- records into prod instance

Test instance PR: https://github.com/google/osv.dev/pull/2607

hogo6002 commented 2 months ago

Did ingesting this into the test instance all look OK ?

The only issue I found is that some UBUNTU-CVEs are missing the purl field. But I think this is our problem, as we are missing some purl converters (https://github.com/google/osv.dev/issues/2402). Other issues, such as the Linux package query one, have all been fixed. So, I think the records are good to merge for now, and we should probably implement a purl converter for all newly added Linux distros later.