Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Fri, 29 Nov 2013 13:51:54 +0000
From: "Izadjoo, Meisam" <meisam.izadjoo@...t.gov>
To: Alex Legler <a3li@...too.org>
CC: nvd <nvd@...t.gov>, "oss-security@...ts.openwall.com"
	<oss-security@...ts.openwall.com>, Gentoo Linux Security Team
	<security@...too.org>
Subject: RE: http://nvd.nist.gov/nvd.cfm?cvename=CVE-XXX URLs result in 404

Good morning Alex, the issue you point out below was an unintended result of our upgrade earlier in the week. We will work to have this issue resolved as quickly as possible.

Thank you for bringing this matter to our attention.


Mase Izadjoo
National Vulnerability Database
National Institute of Standards and Technology
nvd.nist.gov


-----Original Message-----
From: Alex Legler [mailto:a3li@...too.org] 
Sent: Thursday, November 28, 2013 2:35 PM
To: nvd
Cc: oss-security@...ts.openwall.com; Gentoo Linux Security Team
Subject: http://nvd.nist.gov/nvd.cfm?cvename=CVE-XXX URLs result in 404

Hello,

a few days ago, CVE links using the scheme noted in the subject stopped working, and started returning HTTP 404 error codes.
Is this intended?

We have been using this URL scheme for our advisories for the better part of 2 years now, and as we publish advisories via mailing lists and several sites import our advisories, we have no way to retroactively change most of the links. If the change was intended, could you at least have the 'old' URLs reply with a permanent redirect to a new, valid URL?

Thanks,

--
Alex Legler <a3li@...too.org>
Gentoo Security/Ruby/Infrastructure

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.