check-new-issues: auto NFU based on a rules file (!204) · Merge requests · Debian Security Tracker / security-tracker

Emilio Pozuelo Monfort requested to merge pochu/security-tracker:auto-nfu-v2 into master Feb 18, 2025

This adds a data/nfu.yaml file (the path could be updated if there's a better one, e.g. data/packages/nfu.yaml), where rules can be added to automatically mark CVEs as NFU. This substitutes the previous regexes that targeted the CVE description and were embedded in the file.

Right now, it only supports checking the CNA. However we can extend that as the need arises to check other things, such as products, descriptions...

Closes: #1073012

check-new-issues: auto NFU based on a rules file

Merge request reports