Hello, The security team is working on the OSV/VEX formats data generation for the various artifacts we maintain.
Both of those formats aim towards better vulnerability disclosure and more detailed information, are JSON files, human readable and machine parseable. Examples can be found here <https://github.com/canonical/ubuntu-security-notices> for archive packages and CVEs. In your case, to store this data, 2 endpoints will be available to consume from: 1. The same place where OVAL files are currently being generated. 2. A launchpad repo under your LP team, which will be named *vulnerability-data *and will receive bi-daily updates. Feel free to reply to this email asking questions regarding the formats and their distribution. -- [image: Canonical-20th-anniversary] Nick Galanis Software Engineer I - Security Engineering Email: [email protected] Location: London, United Kingdom Mobile: +44 07521205965 canonical.com ubuntu.com
-- Mailing list: https://launchpad.net/~data-platform Post to : [email protected] Unsubscribe : https://launchpad.net/~data-platform More help : https://help.launchpad.net/ListHelp
