[Open-scap] CVE Feed 2.0 Schema not compatible with CVE-ID Syntax Change (2014-01-01)
Simon Lukasik
slukasik at redhat.com
Fri Dec 20 14:22:41 UTC 2013
Dear Mitre and Dear NVD,
We have find out that CVE Feed 2.0 XSD schema located at
http://nvd.nist.gov/schema/nvd-cve-feed_2.0.xsd
is incompatible with the upcoming CVE-ID Syntax Change. The problem is
that CVE Feed transitively includes old CVE-0.1 schema.
- nvd-cve-feed_2.0.xsd includes vulnerability_0.4.xsd
- vulnerability_0.4.xsd includes cve_0.1.xsd
- cve_O.1.xsd does not support new CVE-ID syntax.
Could you please update the XSD schemas?
Thanks and kind regards,
--
Simon Lukasik
Security Technologies
Reference: https://fedorahosted.org/openscap/ticket/359
More information about the Open-scap-list
mailing list