Re: USN-3151-2: Linux kernel (Xenial HWE) vulnerability

Graham Bleach

On 9 December 2016 at 08:13, Guillaume Berche <bercheg(a)> wrote:

thanks for pushing these security notifications to the cloudfoundry
site and this mailing list!

Also, is there an RSS feed that enables programmatic access to newly
disclosed vulnerabilities on the security page ?

We're currently doing this by running an app [1] in our CF that scrapes the
Pivotal security page once an hour & creates events in Datadog
corresponding to new CVEs. Datadog then raises a ticket in our support
system. It's perhaps a bit over-engineered, but we wanted to have the
events in Datadog so we could put the alerts in a dashboard etc. if we

We only used the Pivotal security page because the Cloud Foundry one didn't
exist then. Ideally there would be a stable machine-readable list of all
CVEs relevant to the open source product. If it is RSS/atom we might be
able to do what we want without writing code, using something like



Join { to automatically receive all group messages.