From aa126039e5ec88a2b26315872c4e785880933b03 Mon Sep 17 00:00:00 2001
From: Jeremy Long <jeremy.long@gmail.com>
Date: Sat, 15 Nov 2014 08:21:44 -0500
Subject: [PATCH] updated NVD CVE URLs to use gzipped files

Former-commit-id: 25c0c2e5df3a6626fae5401209fac93b105b3392
---
 .../src/main/resources/dependencycheck.properties   | 13 +++++++++----
 .../src/test/resources/dependencycheck.properties   | 13 +++++++++----
 2 files changed, 18 insertions(+), 8 deletions(-)

diff --git a/dependency-check-core/src/main/resources/dependencycheck.properties b/dependency-check-core/src/main/resources/dependencycheck.properties
index 9f764fd0a..ef9be913f 100644
--- a/dependency-check-core/src/main/resources/dependencycheck.properties
+++ b/dependency-check-core/src/main/resources/dependencycheck.properties
@@ -40,11 +40,16 @@ data.driver_path=
 cve.url.modified.validfordays=7
 
 # the path to the modified nvd cve xml file.
-cve.url-1.2.modified=http://nvd.nist.gov/download/nvdcve-modified.xml
-cve.url-2.0.modified=http://static.nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-modified.xml
+cve.url-1.2.modified=https://nvd.nist.gov/download/nvdcve-Modified.xml.gz
+#cve.url-1.2.modified=http://nvd.nist.gov/download/nvdcve-modified.xml
+cve.url-2.0.modified=https://nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-Modified.xml.gz
+#cve.url-2.0.modified=http://static.nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-modified.xml
 cve.startyear=2002
-cve.url-2.0.base=http://static.nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-%d.xml
-cve.url-1.2.base=http://nvd.nist.gov/download/nvdcve-%d.xml
+cve.url-1.2.base=https://nvd.nist.gov/download/nvdcve-%d.xml.gz
+#cve.url-1.2.base=http://nvd.nist.gov/download/nvdcve-%d.xml
+cve.url-2.0.base=https://nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-%d.xml.gz
+#cve.url-2.0.base=http://static.nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-%d.xml
+
 
 # file type analyzer settings:
 analyzer.archive.enabled=true
diff --git a/dependency-check-core/src/test/resources/dependencycheck.properties b/dependency-check-core/src/test/resources/dependencycheck.properties
index ae48d04c2..2a364e089 100644
--- a/dependency-check-core/src/test/resources/dependencycheck.properties
+++ b/dependency-check-core/src/test/resources/dependencycheck.properties
@@ -47,11 +47,16 @@ cpe.meta.url=http://static.nvd.nist.gov/feeds/xml/cpe/dictionary/official-cpe-di
 cve.url.modified.validfordays=7
 
 # the path to the modified nvd cve xml file.
-cve.url-1.2.modified=http://nvd.nist.gov/download/nvdcve-modified.xml
-cve.url-2.0.modified=http://static.nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-modified.xml
 cve.startyear=2014
-cve.url-2.0.base=http://static.nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-%d.xml
-cve.url-1.2.base=http://nvd.nist.gov/download/nvdcve-%d.xml
+cve.url-1.2.modified=https://nvd.nist.gov/download/nvdcve-Modified.xml.gz
+#cve.url-1.2.modified=http://nvd.nist.gov/download/nvdcve-modified.xml
+cve.url-2.0.modified=https://nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-Modified.xml.gz
+#cve.url-2.0.modified=http://static.nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-modified.xml
+cve.url-1.2.base=https://nvd.nist.gov/download/nvdcve-%d.xml.gz
+#cve.url-1.2.base=http://nvd.nist.gov/download/nvdcve-%d.xml
+cve.url-2.0.base=https://nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-%d.xml.gz
+#cve.url-2.0.base=http://static.nvd.nist.gov/feeds/xml/cve/nvdcve-2.0-%d.xml
+
 
 # the URL for searching Nexus for SHA-1 hashes and whether it's enabled
 analyzer.nexus.enabled=true