20 Feb 2003 jfs   » (Journeyer)

As usual, it's been quite a while since I wrote anything. Too much work. However I did wanted to note one thing in the diary which I'm proud of (finally) doing: Debian Security Crossreferences. It might seem kind of simple, but, believe me, it's not that easy. One of the things that sparked it was a diary entry from Mark Cox. Now I can say: "Boo! Debian has a full crossreference mapping of security references for not one, but three different security sources" :-)

The enabler of these crossreference mapping is really the work I did on the wml security templates for the Debian web server way back in january which have been used extensively in DSAs since then.

Anyway, it's funny that no distribution/vendor (either free software or propietary) has this kind of information up on their security-related webpages. It's kind of hard to do security research without this. Fortunately, stuff like OSVDB will help to do this type of work easier (or at least cheaper than paying securityfocus to provide you with a copy of the Bugtraq database.

Oh, and hopefully Mitre will update their mapping soon, since it is not entirely correct.

Latest blog entries     Older blog entries

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!