Bug#942670: security-tracker: Fetching additional NVD feed information needs to switch to JSON feeds

To: 942670@bugs.debian.org
Subject: Bug#942670: security-tracker: Fetching additional NVD feed information needs to switch to JSON feeds
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sun, 20 Oct 2019 22:37:23 +0200
Message-id: <[🔎] 20191020203723.GA10665@eldamar.local>
Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 942670@bugs.debian.org
In-reply-to: <[🔎] 157151697478.9473.1970306512708583734.reportbug@eldamar.local>
References: <[🔎] 157151697478.9473.1970306512708583734.reportbug@eldamar.local> <[🔎] 157151697478.9473.1970306512708583734.reportbug@eldamar.local>

On Sat, Oct 19, 2019 at 10:29:34PM +0200, Salvatore Bonaccorso wrote:
> Package: security-tracker
> Severity: normal
> 
> As per 16th of october the NVD XML data feeds is disabled[1]. The
> security-tracker uses this feed to daily get additional information on
> CVEs (e.g. description).
> 
> The update-nvd and the used parser lib/python/nvd.py needs to be
> switched to get and parse the JSON feeds[2].
> 
>  [1] https://nvd.nist.gov/General/News/XML-Vulnerability-Feed-Retirement
>  [2] https://nvd.nist.gov/vuln/data-feeds#JSON_FEED

Partially implemented with
https://salsa.debian.org/security-tracker-team/security-tracker/merge_requests/45
but some previous functionality is not restored. So keeping the bug
open for now.

Regards,
Salvatore

Reply to:

References:
- Bug#942670: security-tracker: Fetching additional NVD feed information needs to switch to JSON feeds
  - From: Salvatore Bonaccorso <carnil@debian.org>

Prev by Date: Bug#942670: security-tracker: Fetching additional NVD feed information needs to switch to JSON feeds
Next by Date: External check
Previous by thread: Bug#942670: security-tracker: Fetching additional NVD feed information needs to switch to JSON feeds
Next by thread: empty oval xml (2019-10-24 03:31)
Index(es):
- Date
- Thread