Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 492772 - GLSAs list CVE urls that end up in 404s
Summary: GLSAs list CVE urls that end up in 404s
Status: RESOLVED UPSTREAM
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: GLSA Errors (show other bugs)
Hardware: All All
: Normal normal
Assignee: Gentoo Security
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-11-28 08:54 UTC by Fabian Groffen
Modified: 2013-11-29 14:04 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Fabian Groffen gentoo-dev 2013-11-28 08:54:11 UTC 
GSLAs list stuff like

> [ 5 ] CVE-2011-1487
>       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1487

but that results in a 404.

instead we could use something like

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1487

(which is what you end up several tabs/clicks/pages later if you use the search function on nist's website)
Comment 1 Chris Reffett (RETIRED) gentoo-dev Security 2013-11-28 13:37:05 UTC 
It appears that the new correct URL for NVD is http://web.nvd.nist.gov/view/vuln/detail?vulnId=$(CVEID), not sure when this change happened.
Comment 2 Alex Legler (RETIRED) archtester gentoo-dev Security 2013-11-29 14:04:26 UTC 
Mase Izadjoo with the NVD replied to my inquiry:

"Good morning Alex, the issue you point out below was an unintended result of our upgrade earlier in the week. We will work to have this issue resolved as quickly as possible."