control: tags -1 + pending Hi,
so I've deployed my patches now and you can get json at https://security-tracker.debian.org/tracker/data/json now. I haven't tested the output against a json validator yet... so feedback welcome and I do expect some more work to do... Important change: - CVEs are now called "issues" as there are a few different issues than CVEs included. Open questions: - should the output include description fields if the value is "null"? - should the output include nodsa fields if the value is "null"? - should the output include remote fields if the value is "null"? - for the releases with issue status != "resolved", should the version be ommitted? (as its rather meaningless then... also the repositories fields also contain those versions. (and those should be kept IMO) And then I thought, urgency would be a per issue field (and thus would be the same for different suites), with the exception that the (suite specific) "end- of-life" information is also stored there. Turned out I was wrong, there are many more cases where the urgency of issues *is* suite-specific (plus, issues can affect several packages.) Unedited debug output (so you can look at these issues if you really care), please add spaces mentally: this should never happen unimportantlowCVE-2015-1563 this should never happen mediumhigh**CVE-2008-5234 this should never happen lowhigh**CVE-2008-5237 this should never happen mediummedium**CVE-2008-5239 this should never happen lowmedium**CVE-2008-5240 this should never happen lowmedium**CVE-2008-5241 this should never happen mediummedium**CVE-2008-5242 this should never happen medium**lowCVE-2011-2516 this should never happen high**lowCVE-2013-1436 this should never happen medium**lowCVE-2011-4613 this should never happen not yet assignedlowTEMP-0000000-269968 this should never happen low**lowCVE-2011-4028 this should never happen unimportanthighCVE-2012-0064 this should never happen unimportanthigh**CVE-2012-2118 this should never happen medium**lowCVE-2013-6424 this should never happen unimportantnot yet assignedCVE-2014-8103 cheers, Holger
signature.asc
Description: This is a digitally signed message part.