[OSVDB-discuss] How to report db data errors?
Kurt Newman
knewman at globaldataguard.com
Tue Jun 2 17:38:55 CDT 2009
Ah, this explains a lot. Thank you for the help.
David Shettler wrote:
> osvdb_id isn't the primary key. On some vulnerabilities, the id field
> is the same as the osvdb_id, but don't count it. OSVDB_ID the public
> identifier, and is only assigned when a vulnerability is approved to
> be created. Many vulnerabilities come in that are not approved, or
> are merged into one, or a broken into many, hence why it isn't used as
> a primary key anymore (it was a few years ago).
>
> Instead, vulnerability_id refers to the id field of the vulnerabilities table.
>
> OSVDB ID: 42670 has an id of 1026869
>
>> # ext_references points to non-existent osvdb id
>> mysql> select * from vulnerabilities where osvdb_id=1026869;
>> Empty set (0.09 sec)
>
> instead, try:
>
> select * from vulnerabilities where id = 1026869;
>
> Dave
More information about the Osvdb-discuss
mailing list