Time filtered advisory downloads should use the update instead of the publish date. #518

Closed
s-l-teichmann opened this issue Dec 1, 2023 · 2 comments · Fixed by #519

Comments

@s-l-teichmann
Contributor

Currently the time-interval-filtered downloads of advisories use the publish date.
This should be replaced by using the last update time, as this is more recent and
better suited for delta downloads.

Even years old advisories may fetch later updates.

Should be easily fixable by changing `Published` to `Updated`: https://github.com/csaf-poc/csaf_distribution/blob/d4ef21531a68d19477b894a7f1b56226ea8997c6/csaf/advisories.go#L319
One might have a look at the fallback to changes.csv in case we are using a provider
with no ROLIE support.

@bernhardreiter
Member

The use case is:
A security person wants to download only the updated advisories since the last download without missing any.

Because the older versions of advisories have already been downloaded, I set up a regular job with an overlap in the time interval to be sure to catch all updates. So I save time and bandwidth.

Example:
Run the downloader every 24 hours, trying to get advisories that have been updated in the last 25 hours, or 24 hours and 10 minutes (aka 2050 minutes), to cater for some clock differences and delays in publication or in starting the job.

@s-l-teichmann
Contributor Author

PR #519 should solve this.

Remarks:

  • The fallback to changes.csv as a filter is fine as these entries are generated from /document/tracking/current_release_date
  • The PR removes filtering in the checker based on the year folder of the advisory as this folder is based on the publishing date.
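
The difference this issue is about, as an added example that is not part of the thread or of the project's code: a delta window of one job interval plus an overlap, applied once to the publish date and once to the update date. `Entry`, `Window`, `Select`, `ByPublished`, `ByUpdated`, `utc` and `Sample` are hypothetical names, and the sample advisories are constructed.

```go
package main

import (
	"fmt"
	"time"
)

// Entry is a hypothetical, simplified feed entry (not the project's type).
type Entry struct {
	ID                 string
	Published, Updated time.Time
}

// Window returns [from, to] for a run at now: one interval plus an overlap.
func Window(now time.Time, interval, overlap time.Duration) (from, to time.Time) {
	return now.Add(-(interval + overlap)), now
}

// Select returns the IDs whose timestamp picked by key lies in [from, to].
func Select(es []Entry, from, to time.Time, key func(Entry) time.Time) []string {
	var ids []string
	for _, e := range es {
		if t := key(e); !t.Before(from) && !t.After(to) {
			ids = append(ids, e.ID)
		}
	}
	return ids
}

func ByPublished(e Entry) time.Time { return e.Published }
func ByUpdated(e Entry) time.Time   { return e.Updated }

// utc builds a UTC timestamp for the sample data.
func utc(y int, m time.Month, d, hh, mm int) time.Time {
	return time.Date(y, m, d, hh, mm, 0, 0, time.UTC)
}

// Sample holds constructed entries; IDs and timestamps are made up.
var Sample = []Entry{
	{"EX-2021-0001", utc(2021, 3, 10, 8, 0), utc(2023, 12, 1, 14, 30)},  // old, updated recently
	{"EX-2023-0042", utc(2023, 12, 1, 9, 0), utc(2023, 12, 1, 9, 0)},    // newly published
	{"EX-2023-0007", utc(2023, 2, 1, 8, 0), utc(2023, 2, 20, 8, 0)},     // old, untouched
	{"EX-2023-0040", utc(2023, 11, 30, 5, 30), utc(2023, 12, 1, 5, 30)}, // updated inside the overlap
}

func main() {
	from, to := Window(utc(2023, 12, 2, 6, 0), 24*time.Hour, time.Hour)
	fmt.Println("published:", Select(Sample, from, to, ByPublished))
	fmt.Println("updated:  ", Select(Sample, from, to, ByUpdated))
}
```

Filtering on the publish date returns only the newly published advisory, while filtering on the update date also returns the 2021 advisory that was revised within the window and the one whose update falls in the overlap hour.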
