* Florian Weimer: > Here's a message I received from NIST. I don't know if the issue has > been resolved yet.
Here's the update I've just received. So everything should be back to normal soon. From: <[EMAIL PROTECTED]> Subject: National Vulnerability Database (Operational Status and New Features) To: Multiple recipients of list <[EMAIL PROTECTED]> Date: Wed, 16 Nov 2005 10:33:16 -0500 (EST) Message-Id: <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED] The problem with the National Vulnerability Database (NVD) and Common Vulnerabilities and Exposures (CVE) vulnerability processing system has been fixed. We added 57 new vulnerabilities and 61 historical vulnerabilities this morning, will provide another large batch this weekend, and then will resume our normal publication activity (publishing around 12 new vulnerabilities per day). Also, I'll take this opportunity to announce two new NVD features. The NVD XML download capability has been enhanced with two additional feeds. 1. <http://nvd.nist.gov/download/nvdcve-modified.xml> http://nvd.nist.gov/download/nvdcve-modified.xml contains the most recently published CVE vulnerabilities in addition to vulnerabilities that have been recently updated within NVD. 2. <http://nvd.nist.gov/download/nvdcve-recent.xml> http://nvd.nist.gov/download/nvdcve-recent.xml contains only the most recently published CVE vulnerabilities. These feeds currently contain the last 14 days of additions and/or updates but this timeframe may change based on user feedback. In addition, the NVD product dictionary is now available in two forms: 1. <http://nvd.nist.gov/viewvpv.cfm> http://nvd.nist.gov/viewvpv.cfm provides interactive access to the vendor name, product name, and version number lists used by NVD. 2. <http://nvd.nist.gov/download/nvd_dictionary.txt> http://nvd.nist.gov/download/nvd_dictionary.txt is a text file containing the entire NVD product dictionary. The product dictionary is updated daily. Note that the NVD product dictionary may not contain all version numbers for each product. We only include product version numbers that are explicitly mentioned within NVD vulnerability summaries. All of the NVD XML feeds and the product dictionary services are available from the NVD download page at <http://nvd.nist.gov/download.cfm> http://nvd.nist.gov/download.cfm. For those of you wondering about the historical vulnerabilities I mentioned earlier, CVE does research on old vulnerabilities in order to provide a comprehensive archive. Archival vulnerabilities are given a publish date corresponding to when the issue actually occurred in order to avoid any confusion (we don't want a vulnerability from 2002 to be thought of as a new issue). Please let us know how we can serve you better. Peter Mell NVD Project Lead <mailto:[EMAIL PROTECTED]> [EMAIL PROTECTED] <http://nvd.nist.gov/> http://nvd.nist.gov To unsubscribe from this mailing list, please send e-mail to <mailto:[EMAIL PROTECTED]> [EMAIL PROTECTED] with the words "unsubscribe nvdupdate" in the body. _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
