Bug 28326

Summary: Mageia vulnerability checker
Product: Infrastructure Reporter: David Walser <luigiwalser>
Component: OthersAssignee: Sysadmin Team <sysadmin-bugs>
Status: NEW --- QA Contact:
Severity: enhancement    
Priority: Normal CC: sysadmin-bugs
Version: unspecified   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: CVE:
Status comment:

Description David Walser 2021-02-08 21:18:47 CET 
Google announced this on February 5:
https://security.googleblog.com/2021/02/launching-osv-better-vulnerability.html

So it sounds like they have an API where you can query software names based on version and it can tell you if you're missing any security-related commits.  I was wondering if it would be possible to set something up that could query it, maybe one page for the versions we have in Cauldron, and one for the versions in our latest stable release.

Maybe some place like repology.org would be a better place to set something like this up, which we could make a link to if it ever happens.  They currently have something similar here:
https://repology.org/projects/?inrepo=mageia_cauldron&vulnerable=1