From: Thomas Petazzoni via buildroot <buildroot@buildroot.org>
To: Daniel Lang <dalang@gmx.at>
Cc: buildroot@buildroot.org
Subject: Re: [Buildroot] [PATCH] support/scripts/cve.py: switch to NVD JSON version 2.0
Date: Mon, 31 Jul 2023 23:52:36 +0200
Message-ID: <20230731235236.60ddc54a@windsurf>
In-Reply-To: <20230731201422.13543-1-dalang@gmx.at>

Hello Daniel,

On Mon, 31 Jul 2023 22:14:20 +0200
Daniel Lang <dalang@gmx.at> wrote:
> The currently used feed is deprecated and will be retired by NVD in
> September 2023 [0].
> The new API returns up to 2000 CVEs every 5 seconds (without API key) [1].
> Instead of requesting individual years as with the feed, one can specify
> two timestamps as a range. Any CVE changed in this time is returned.
> Therefore every single CVE is stored in a separate JSON file.
> All fields returned by the API are saved for future use.
> This results in over 200000 files grouped by year with ~800MiB total.
>
> [0]: https://nvd.nist.gov/General/News/change-timeline
> [1]: https://nvd.nist.gov/developers/start-here
>
> Signed-off-by: Daniel Lang <dalang@gmx.at>

Wow, thanks for working on this! Is the storing of 200k files workable,
or do we need to consider some other option like a local sqlite
database or something?

Another question: did you do a run of "make pkg-stats" before and after
your patch to compare the results in terms of CVEs reported for each
Buildroot package?

Thomas
--
Thomas Petazzoni, co-owner and CEO, Bootlin
Embedded Linux and Kernel engineering and training
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
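
The fetch-and-store scheme described in the quoted commit message, as an added example that is not code from the patch or from Buildroot: page through CVEs modified between two timestamps and write each one to a per-year JSON file. The query parameter and response field names follow the NVD API 2.0 documentation; the 120-day limit per date range is an assumption taken from the same documentation, and `sync`, `windows`, `fetch_page` (returns one decoded API response, injected so the paging runs offline) and `pause` (where a real client sleeps between requests) are hypothetical names.

```python
import json
import os
import re
from datetime import timedelta

CVE_ID = re.compile(r"CVE-(\d{4})-\d{4,}")
MAX_WINDOW = timedelta(days=120)  # assumption: NVD's cap on one date range


def windows(start, end, step=MAX_WINDOW):
    """Split [start, end) into consecutive ranges no longer than step."""
    while start < end:
        stop = min(start + step, end)
        yield start, stop
        start = stop


def sync(fetch_page, start, end, dest, page_size=2000, pause=lambda: None):
    """Write each CVE modified in the range to dest/<year>/<CVE-ID>.json."""
    written = 0
    for lo, hi in windows(start, end):
        index = 0
        while True:
            page = fetch_page({
                "lastModStartDate": lo.isoformat(),
                "lastModEndDate": hi.isoformat(),
                "startIndex": index,
                "resultsPerPage": page_size,
            })
            items = page["vulnerabilities"]
            for item in items:
                cve = item["cve"]
                match = CVE_ID.fullmatch(cve["id"])
                if not match:  # the ID becomes a file name: reject anything odd
                    raise ValueError("unexpected CVE id: %r" % cve["id"])
                year_dir = os.path.join(dest, match.group(1))
                os.makedirs(year_dir, exist_ok=True)
                path = os.path.join(year_dir, cve["id"] + ".json")
                with open(path + ".tmp", "w") as f:
                    json.dump(cve, f)  # keep every field the API returned
                os.replace(path + ".tmp", path)  # never leave a torn file
                written += 1
            index += len(items)
            if not items or index >= page["totalResults"]:
                break
            pause()
    return written
```

Re-running `sync` over an overlapping range simply overwrites the affected files, so an incremental update only needs the timestamp of the previous run as `start`.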