Skip to content
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 9 additions & 14 deletions docs/packaging/monitoring.yaml.md
Original file line number Diff line number Diff line change
Expand Up @@ -144,31 +144,26 @@ The command returns the following:
```text
[
[
49192,
"cpe:2.3:a:ubuntu_developers:systemd"
],
[
116392,
"cpe:2.3:a:lennart_poettering:systemd"
],
[
120506,
"cpe:2.3:a:freedesktop:systemd"
916.0,
"cpe:2.3:a:systemd_project:systemd"
],
[
120627,
"cpe:2.3:a:systemd_project:systemd"
1.0,
"cpe:2.3:a:ubuntu_developers:systemd"
]
]
Verify successful hits by visiting https://cve.circl.lu/search/$VENDOR/$PRODUCT
- CPE entries for software applications have the form 'cpe:2.3:a:$VENDOR:$PRODUCT'

```

Ignore the numerical ids, let's walk through the CPEs by vendor:

- `ubuntu_developers` is for `systemd` patched by Ubuntu; we can ignore it
- `lennart_poettering` is for the main `systemd` developer and is probably a bleeding edge vendor; ignore it
- `freedesktop` is from freedesktop.org and is a good candidate, so we add it
- `systemd_project` is a good candidate, so we add it

If you see something like `"cpe:2.3:a:lennart_poettering:systemd"`, the vendor is Lennart Poettering and this shouldn't be used. This is a bleeding edge / development vendor, rather than production.

### No known CPE

If an established product hasn't had a security advisory in the past, it might not have a CPE.
Expand Down
Loading