On September 1993 plus 3676 days Albert Whale wrote: > I guess my point was missed. We don't want to perform queries. > Unless the PHP or HTML Page we pull up from MandrakeSecure Queries the > Data to sort it and correlate the CVEs and the MDKSAs (and RPM names). > This is what the Management Teams want to see, one page (maybe more), > of Vulnerabilities to Updates. Thus while you're going through the > chart of vulnerabilities, we can EASILY Correlate one page to the > report. Do you really want all of us querying the CVEs for each > server?? > > Apologies if you thought that I was hollering, as I wasn't. Just > thinking aloud to stress a point. We work with Mandrake and Nessus to > make the Security Issues disappear. Making it easier to perform our > duties benefits all of us.
Uhm...well, I just went to mdksecure and did a search on no item on the CVE search field (just put cursor in it and hit Go button). I see the CVE number, MDKSA number and description of the problem. Since I do keep everything up to date in all boxes I admin, I use that table for "ok, said item is fixed, so I'm well"...but maybe Vincent could be convinced (if he has the time, which I know is usually the biggest problem for him) to add the full rpm name for at least the last normal distro (9.1 as of today) and probably the 2 corporate servers (MNF8.2 and CS2.1 as of today) to that list. Or just add a page which displays the same thing as the blank search plus the rpm names for all currently supported distros. I don't know the internals of the database he's got with the advisories, so I can't say how easy or hard this can be. Vox -- Think of the Linux community as a niche economy isolated by its beliefs. Kind of like the Amish, except that our religion requires us to use _higher_ technology than everyone else. -- Donald B. Marti Jr.
pgp00000.pgp
Description: PGP signature
