* Florian Weimer:
> Here''s a message I received from NIST. I don''t know if
the issue has
> been resolved yet.
Here''s the update I''ve just received. So everything should be
back to
normal soon.
From: <nvd@nist.gov>
Subject: National Vulnerability Database (Operational Status and New Features)
To: Multiple recipients of list <nvdupdate@nist.gov>
Date: Wed, 16 Nov 2005 10:33:16 -0500 (EST)
Message-Id: <200511161531.jAGFV9mI002649@smtp.nist.gov>
Reply-To: nvd@nist.gov
The problem with the National Vulnerability Database (NVD) and Common
Vulnerabilities and Exposures (CVE) vulnerability processing system has been
fixed. We added 57 new vulnerabilities and 61 historical vulnerabilities
this morning, will provide another large batch this weekend, and then will
resume our normal publication activity (publishing around 12 new
vulnerabilities per day).
Also, I''ll take this opportunity to announce two new NVD features.
The NVD XML download capability has been enhanced with two additional feeds.
1. <http://nvd.nist.gov/download/nvdcve-modified.xml>
http://nvd.nist.gov/download/nvdcve-modified.xml contains the most recently
published CVE vulnerabilities in addition to vulnerabilities that have been
recently updated within NVD.
2. <http://nvd.nist.gov/download/nvdcve-recent.xml>
http://nvd.nist.gov/download/nvdcve-recent.xml contains only the most
recently published CVE vulnerabilities.
These feeds currently contain the last 14 days of additions and/or updates
but this timeframe may change based on user feedback.
In addition, the NVD product dictionary is now available in two forms:
1. <http://nvd.nist.gov/viewvpv.cfm> http://nvd.nist.gov/viewvpv.cfm
provides interactive access to the vendor name, product name, and version
number lists used by NVD.
2. <http://nvd.nist.gov/download/nvd_dictionary.txt>
http://nvd.nist.gov/download/nvd_dictionary.txt is a text file containing
the entire NVD product dictionary. The product dictionary is updated daily.
Note that the NVD product dictionary may not contain all version numbers for
each product. We only include product version numbers that are explicitly
mentioned within NVD vulnerability summaries.
All of the NVD XML feeds and the product dictionary services are available
from the NVD download page at <http://nvd.nist.gov/download.cfm>
http://nvd.nist.gov/download.cfm.
For those of you wondering about the historical vulnerabilities I mentioned
earlier, CVE does research on old vulnerabilities in order to provide a
comprehensive archive. Archival vulnerabilities are given a publish date
corresponding to when the issue actually occurred in order to avoid any
confusion (we don''t want a vulnerability from 2002 to be thought of as
a new
issue).
Please let us know how we can serve you better.
Peter Mell
NVD Project Lead
<mailto:nvd@nist.gov> nvd@nist.gov
<http://nvd.nist.gov/> http://nvd.nist.gov
To unsubscribe from this mailing list, please send e-mail to
<mailto:listproc@nist.gov> listproc@nist.gov with the words
"unsubscribe
nvdupdate" in the body.