On 9/10/19 3:59 AM, Viliam Križan wrote:
Hello,
Red Hat Product Security would like to inquire the usage of whiteboard from security/CVE bugs in Fedora Infrastructure. Is there any infrastructure tool that is reading and parsing the data from the Whiteboard field from mentioned bugs.
The CVE bugs are are bugs filed in Bugzilla under "Security Response"/vulnerability, often having a CVE as an alias.
For example: CVE-2019-1010222 https://bugzilla.redhat.com/show_bug.cgi?id=1735591
Thank you for your time.
I dont think we currently use the whiteboard data for anything.
However, there is a plan to retire packages with outstanding security issues, and any script around that might parse it? It might not if we can get all the data from other places.
Are you planning on changing the format or ?
kevin