Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

debian: change severity mapping #1069

Open
hdonnay opened this issue Sep 22, 2023 · 3 comments
Open

debian: change severity mapping #1069

hdonnay opened this issue Sep 22, 2023 · 3 comments

Comments

@hdonnay
Copy link
Member

hdonnay commented Sep 22, 2023
edited
Loading

Really seems like the severity mapping should be:

Debian Severity Claircore Severity
unimportant Negligible
low Low
medium Medium
high High
* Unknown

instead of

Debian Severity Claircore Severity
unimportant Low
low Medium
medium High
high Critical
* Unknown

Originally posted by @hdonnay in #1067 (comment)
@hdonnay
Copy link
Member Author

hdonnay commented Sep 22, 2023

@RTann, do you recall what the thinking was on the current mapping?

@crozzy
Copy link
Contributor

crozzy commented Sep 22, 2023

#828 context here

@RTann
Copy link
Contributor

RTann commented Sep 27, 2023

Yeah #828 covers the reasoning. I aligned Debian's definitions with Red Hat's and that's how the severity mapping was done. I think it makes sense, as users who may want to filter by critical vulns will never see Critical Debian's vulns if we never use it

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@hdonnay @crozzy @RTann