Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Should we use a different source of JSON advisory/CVE objects for the apache_httpd importer? #1018

Open
johnmhoran opened this issue Nov 28, 2022 · 0 comments
Open

Should we use a different source of JSON advisory/CVE objects for the apache_httpd importer? #1018

johnmhoran opened this issue Nov 28, 2022 · 0 comments
Assignees
@johnmhoran
Labels
Data collection import-improver-migration

Comments

@johnmhoran
Copy link
Member

Exploring the json URL we currently use in the apache_httpd.py fetch_links() function (https://httpd.apache.org/security/json/), if I navigate up 1 step to https://httpd.apache.org/security/, I see that:

  • The date of the json folder is 2022-06-10. This folder contains the individual .json files currently parsed by fetch_links(). 1 file is dated 2022-06-10, and all others are dated 2022-06-08.
  • There's also a link to https://httpd.apache.org/security/vulnerabilities-httpd.json, dated 2022-10-24, which is a list of .json advisory/CVE objects, possibly containing all of the individual CVE objects (and more?).

Should we explore this list of advisory/CVE objects, determine whether it contains all the objects contained in the json folder we're currently parsing, and if so parse that file instead, since it has a more recent date?
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@johnmhoran johnmhoran

Labels
Data collection import-improver-migration
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@johnmhoran