-
Notifications
You must be signed in to change notification settings - Fork 201
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Collect vulnerabilities from Amazon Linux #72
Comments
Essentially we want to scrape/mine/consume the pages at https://alas.aws.amazon.com/ and https://alas.aws.amazon.com/alas2.html . |
Taking it up @sbs2001 @pombredanne ! |
I checked https://alas.aws.amazon.com/ but I found that the table does not contain fixed and affected versions . I even checked the advisory url( eg |
@tushar912 the new packages mentioned at the advisory page are the fixed packages. It seems there is no easy way to obtain exact affected packages so you can skip finding them. |
@sbs2001 I am still confused .Currently what I conclude is to create a |
@tushar912 in https://alas.aws.amazon.com/ALAS-2011-1.html I can see this:
From that I can therefore infer:
Does this make sense? |
Ok . I understood New Packages are the ones that are fixed and whatever are before were affected. |
ok, sorry it it felt like a rehash ....that said we may not have a version that is affected, but rather a version range. |
Amazon might provide direct access to structured Advisory data at some point amazonlinux/amazon-linux-2023#158 (comment) |
@ambuj-1211 @keshav-space is this completed? |
See https://alas.aws.amazon.com/
There are two variants: AL and AL2
The text was updated successfully, but these errors were encountered: