- Debian LTS is maintained by the Debian Security team
- Debian Extended LTS, a commercial offering is maintained by Freexian.
- Debian ELTS Advisories are announced at https://www.freexian.com/lts/extended/updates/
- OSV is a Open Source Vulnerability format, as specified by the Open Source Security Foundation.
- GSD Database is a vulnerability database used by OSV.dev, and maintained by the Cloud Security Alliance
The OSV.dev expects advisories to be published in the OSV format. This repository republishes the advisories in the OSV format, and syncs them against the GSD Database
- Picks up data from extended-lts-security-tracker
- Generates advisories in the OSV format at advisories/
- Syncs Data to the GSD Database
- Add Credits
- Updates are fetched from the ELTS Security Tracker:
- The data is also published at https://deb.freexian.com/extended-lts/tracker/data/json, but it doesn't include the announcement URLs, and harder to use.
- See ossf/osv-schema#104 for more information.
The code is licensed under MIT.