[Mageia-dev] Mageia Advisories Database

nicolas vigier boklm at mars-attacks.org
Tue Jun 28 17:32:46 CEST 2011


On Tue, 28 Jun 2011, Christiaan Welvaart wrote:

> On Tue, 28 Jun 2011, nicolas vigier wrote:
>
>> In order to send updates advisories, and have a web page listing all
>> previous advisories, we need to create a database to store them.
>>
>> So I think it should have the following info for each advisory :
>>
>> - advisory ID: something like MGA-[NUMBER] ?
>> - advisory date
>> - affected source packages
>> - affected distribution versions
>> - CVE numbers
>> - list of binary packages with sha1sum
>> - Mageia Bug #
>> - Reference URLs
>> - advisory text
>>
>> Anything else ?
>
> - severity
> - whether this is a security issue or a non-security bugfix
> (could be 1 field)

What kind of severity classification should we use ?

Something like redhat, with Critical, Important, Moderate, Low ?

Or something more simple with only Critical and Normal ?

Or no classification ?

http://www.redhat.com/f/pdf/rhel4/SecurityClassification.pdf



More information about the Mageia-dev mailing list