On Thu, Dec 14, 2023 at 06:51:23AM +0100, tomas@tuxteam.de wrote: > On Wed, Dec 13, 2023 at 07:08:45PM +0000, YUNHE YANG wrote: > > Dear Debian Security Team, > > > > My name is Yunhe Yang, and I am a Ph.D. student specializing in Computer Security. I am writing to discuss some observations and questions about the data on the Debian security tracker webpage and the downloadable JSON file for local database use. > > [...] > > You mean those, I assume: > > https://security-tracker.debian.org/tracker/ > https://security-tracker.debian.org/tracker/data/json > > I suppose the web page enriches the JSON data with information > available from other Debian sources. OK, now I feel I have to ask the original poster: what parts that are available on the webpage are not available in the JSON file? From a quick look, it seems to me that the JSON file contains a lot of information about Debian releases, fixed versions of the packages (when available), and other things also found on the webpage. > That said, this is Debian, so you get the source code for (nearly) > everything. The security tracker's source seems to be here: > > https://salsa.debian.org/security-tracker-team/security-tracker/ > > ...so you can perhaps study how the web page fills in the data > you are missing in the JSON. And you can contact the authors > in case of doubt. That part is also true. G'luck, Peter -- Peter Pentchev roam@ringlet.net roam@debian.org pp@storpool.com PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint 2EE7 A7A5 17FC 124C F115 C354 651E EFB0 2527 DF13
Attachment:
signature.asc
Description: PGP signature