Mailinglist Archive: opensuse-security (11 mails)

< Previous Next >
Re: [opensuse-security] wiki-template: links to NVD or MITRE wanted (or both templates?)
  • From: "pistazienfresser (see profile)" <pistazienfresser@xxxxxx>
  • Date: Wed, 16 Feb 2011 19:47:25 +0100
  • Message-id: <>
Am 16/02/11 17:23, schrieb Marcus Meissner:
On Wed, Feb 16, 2011 at 10:48:23AM +0100, pistazienfresser (see profile)
NovellCVE? If there is no good word we can leave it out I guess.
Do you refer to
the name of the template (and so the syntax in the wiki source code)
the look of the result on the article page
do you think both should be the same/according?

The name of the template.

In the wiki I am not sure how to mark it. CVEs are CVEs, we just have
database (Mitre, NVD, Novell). I am not sure how to mark this up for linking.
I think if the Novell Database is more used in the wiki it would make
sense to move the template that links to the reference CVE database from
MITRE to something like [[Template:MITRE]] or [[Template:M-CVE]] and to
make a new one on [[Template:CVE]] that links to the entries in the
Novell database?
And what do you (pl.) in general think about the 'best' (=suitable for
the users) syntax?

Its not fully necessary to link CVEs either I guess, as they usually are not
on Wiki pages. Just for the Evergreen overview currently.

If I remember right that linking was also my doing on the Evergreen 11.1

If you take a look at it you see that I let just the pure CVE-ID be
stand and give a explanation where the links go in an other section of
the article (where in the wikipedias the external links are located).

Then its fine I think.

By the way: Ist there anywhere an explanation about the
"Published Novell/SUSE Linux security updates by CVE number :
Common Vulnerabilities and Exposures"
('NovellCVE'/'NSLs'?) and its cause and function?

I had hoped it would be self-explaining ...
"A CVE database indexing our released and in QA being security fixes."

Do you think it needs more explanation?

Maybe I am just a bit too nosy and too stupid but I am in general
interested how the hole Novell/openSUSE security thing is functioning -
for instance
what is "QA" (surely something to do with quality assurance but what
team and how is it connected, (how) can normal users help/participate?).
-> so it is a sorted list of the security related fixes - both the
released ones and the ones that are jet being tested? Sorted by the ID's
that the MITRE gave them?



- Martin Seidler
- openSUSE profile:
To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-security+help@xxxxxxxxxxxx

< Previous Next >