VladPolskiy/postgres-web
1
0
Fork 0
mirror of https://github.com/postgres/pgweb.git synced 2025-08-06 09:57:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add page with additional details about a CVE

Browse Source 
This page contains most information that may be found on 3rd party
sites about a particular CVE, but with the benefit of being hosted
on the PostgreSQL infrastructure.

This does require inserting the CVE description into the website,
which will include backporting the CVE descriptions throughout
many existing CVEs, but the added benefit is that this information
is available when we publish a release, vs. waiting for a 3rd party
to publish the info.

This patch also adds sitemap indexing for each of the CVE entries,
and ensures the top-level CVE URL is in the sitemap.
This commit is contained in:
Jonathan S. Katz
2021-03-21 14:15:19 -04:00
parent 62a686f34d
commit cd616da557
7 changed files with 162 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
pgweb/security/struct.py Normal file
View File

@ -0,0 +1,9 @@
from datetime import date, timedelta
from .models import SecurityPatch
def get_struct():
"""create sitemap entries for each CVE entry and the top level CVE URL"""
yield ('support/security/', None)
for s in SecurityPatch.objects.filter(public=True).order_by('-cvenumber'):
yield ('support/security/CVE-{}'.format(s.cve), None)