On Wed, Feb 25, 2015 at 10:36 AM, Raphael Hertzog hert...@debian.org wrote:
Release is a general concept that includes multiple respositories.
And in repositories you have finer-graind data by real repositories.
That's what I was aiming for, yes.
Sorry, I had a draft in my phone, but didn't
On Tue, 24 Feb 2015, Holger Levsen wrote:
On Dienstag, 24. Februar 2015, Richard Hartmann wrote:
Depending on your layout, you don't really need two different JSON
files, though.
how would you distinguish between squeeze, which includes lts and security,
and squeeze, which doesnt? Same
On Mon, Feb 23, 2015 at 2:59 PM, Holger Levsen hol...@layer-acht.org wrote:
surely. I just wasn't sure whether this should be done on the security-tracker
side or by it's users... or I could provide two versions: json-full and json(-
aggregated) - do you think that would be useful?
To clarify,
Hi,
On Dienstag, 24. Februar 2015, Paul Wise wrote:
I think it would be useful to provide the non-aggregated version for
folks who only use some of the stable suites. Not sure if the sectracker
has information about stable-proposed-updates but if so it would be good
to include it too.
it
Hi,
On Dienstag, 24. Februar 2015, Richard Hartmann wrote:
Depending on your layout, you don't really need two different JSON
files, though.
how would you distinguish between squeeze, which includes lts and security,
and squeeze, which doesnt? Same for wheezy (and security and not).
cheers,
Hi,
On Montag, 23. Februar 2015, Raphael Hertzog wrote:
The only missing data I see is the Debian bug report assigned to each CVE.
I'll add that.
And you call the file json but it contains YAML :-)
yeah, fixed in the last attached patch, but I will rewrite it to actually
output json...
Hi,
On Montag, 23. Februar 2015, Paul Wise wrote:
Hmm, it appears that these are the default urgency from NVD and the ones
without asterisks are ones set by SVN committers. That doesn't appear to
be a distinction worth preserving but it is fine to do so.
I kept it under the premise of
On Sun, 22 Feb 2015, Holger Levsen wrote:
new output is attached in compressed form.
The only missing data I see is the Debian bug report assigned to each CVE.
And you call the file json but it contains YAML :-)
Otherwise, I see that you have the raw data per real suite (aka squeeze is
never
I was about to suggest having both.
Please do that.
Richard
Sent by mobile; excuse my brevity.
On Mon, 2015-02-23 at 14:59 +0100, Holger Levsen wrote:
surely. I just wasn't sure whether this should be done on the
security-tracker
side or by it's users... or I could provide two versions: json-full and json(-
aggregated) - do you think that would be useful?
I think it would be useful
On Sun, 22 Feb 2015 00:37:49 +0100 Holger Levsen wrote:
I have a prototype ready, see attached...
I noticed that fixed issues are not listed, we need that so people can
look up the security history of any package by clicking a 'security'
link in the links section. Just an item link: True|False
On Sun, 2015-02-22 at 19:00 +0100, Holger Levsen wrote:
On Sonntag, 22. Februar 2015, Paul Wise wrote:
I see a bunch of urgency set to high** and medium**, should it
be high and medium instead?
this comes directly from the database, so I don't think it should be modified.
Hmm, it appears
12 matches
Mail list logo