summaryrefslogtreecommitdiff
path: root/pgweb/security/struct.py
diff options
context:
space:
mode:
authorJonathan S. Katz2021-03-21 18:15:19 +0000
committerJonathan S. Katz2021-03-28 16:22:24 +0000
commitcd616da5578780afca4202716eaef898622e93a2 (patch)
tree16776688996b3148a570518623657f4e6776168e /pgweb/security/struct.py
parent62a686f34de9d286be183d4b93f7d599c934a011 (diff)
Add page with additional details about a CVE
This page contains most information that may be found on 3rd party sites about a particular CVE, but with the benefit of being hosted on the PostgreSQL infrastructure. This does require inserting the CVE description into the website, which will include backporting the CVE descriptions throughout many existing CVEs, but the added benefit is that this information is available when we publish a release, vs. waiting for a 3rd party to publish the info. This patch also adds sitemap indexing for each of the CVE entries, and ensures the top-level CVE URL is in the sitemap.
Diffstat (limited to 'pgweb/security/struct.py')
-rw-r--r--pgweb/security/struct.py9
1 files changed, 9 insertions, 0 deletions
diff --git a/pgweb/security/struct.py b/pgweb/security/struct.py
new file mode 100644
index 00000000..fd5a713b
--- /dev/null
+++ b/pgweb/security/struct.py
@@ -0,0 +1,9 @@
+from datetime import date, timedelta
+from .models import SecurityPatch
+
+
+def get_struct():
+ """create sitemap entries for each CVE entry and the top level CVE URL"""
+ yield ('support/security/', None)
+ for s in SecurityPatch.objects.filter(public=True).order_by('-cvenumber'):
+ yield ('support/security/CVE-{}'.format(s.cve), None)