[ubuntu-hardened] Making security notices searchable
Russenberger Dominik
dominik.russenberger at terreactive.ch
Mon Oct 14 14:00:26 UTC 2019
Hi,
Yes, a search would be great. My current usecase: we have an internal,
partial mirror of the Ubuntu repos (multiple releases, different package
set for each release). I have to check the repos for USNs for packages
in there. My current solution is very... clumsy.
On Sun, Oct 13, 2019 at 10:55:45AM +0100, Matthew Paul Thomas wrote:
> As part of this, I???m considering adding a search function, so that you
> can search security notices by Details text, with filters for Release
> and Package.
Filtering by arches (e.g. amd64+all) might be useful, for the handful of
bugs that only affect a single architecture.
> So, I???m interested in knowing:
>
> * Is there any current method of searching USNs? (Other than using
> ???site:usn.ubuntu.com??? with a global search engine, or grepping the
> usn.ubuntu.com Git repo.)
Well... my current solution is to get https://usn.ubuntu.com/releases/ubuntu-18.04-lts/
and then parse the HTML. Atom/RSS also just contain HTML for the content,
but no method to filter by release. And of course parsing HTML breaks
every once in a while.
> * If any search showed results sorted newest first, would there be any
> use case for searching notices by date? (For example, show me only
> notices posted in 2017.)
My usecase requires to show all USNs after a particular date, or even
better all USNs after another USN.
> * Anything else you think I should know?
Machine-readable USNs! Alex Murray posted the link to a big json, but
downloading&parsing 130mb every hour doesn't sound like such a good
idea.
Thanks,
Dominik Russenberger
--
More information about the ubuntu-hardened
mailing list