Hey all, Following a short interchange with Steve from Mitre I've discovered that http://cve.mitre.org/data/downloads/allitems.html.gz probably isn't the best source to get our CVE's into the tracker. We have the following options: - Keep the current feed. It works. But, it's only updated a few times a week, but this may get more often in the future. - The feeds from NVD at http://nvd.nist.gov/download.cfm They're on-demand so can be integrated into the pull-system that the tracker currently has (twice daily cronjob pulls in information and generates new list). There's a small delay, but that's probably in the order of minutes. It's an extra step between Mitre and us, which could break. - Get the email feed from CVE. There's two formats: text and XML. Most direct feed available. The text format is the one we already know from mailinglist (starting with a line of "=" and then RFC822-like). We could make a parser for that which works similarly to the one that adds new DSA's to the tracker: a procmail command that processes the mail and commits the result. It's an open question if we wouldn't be getting too many commits if we would add these new CVE's every time we receive such an email. Joey already receives them. I'm glad to hear your thoughts on these options: is it fine as is, should we still update twice a day but with more current data, or should we update any time we receive an email feed with a handfull of CVE's? cheers, Thijs
Attachment:
pgpgdNLJAQ30q.pgp
Description: PGP signature