Bug#942670: security-tracker: Fetching additional NVD feed information needs to switch to JSON feeds
On Sat, Oct 19, 2019 at 10:29:34PM +0200, Salvatore Bonaccorso wrote:
> Package: security-tracker
> Severity: normal
>
> As per 16th of october the NVD XML data feeds is disabled[1]. The
> security-tracker uses this feed to daily get additional information on
> CVEs (e.g. description).
>
> The update-nvd and the used parser lib/python/nvd.py needs to be
> switched to get and parse the JSON feeds[2].
>
> [1] https://nvd.nist.gov/General/News/XML-Vulnerability-Feed-Retirement
> [2] https://nvd.nist.gov/vuln/data-feeds#JSON_FEED
Partially implemented with
https://salsa.debian.org/security-tracker-team/security-tracker/merge_requests/45
but some previous functionality is not restored. So keeping the bug
open for now.
Regards,
Salvatore
Reply to: