A new release is now available for the cvechecker application. This is a stupid yet important bugfix release: the 3.7 release saw all newly released CVEs as being already known, so it did not take them up to the database. As a result, systems would never check for the new CVEs.
A short while ago I got the notification that pulling new CVE information was no longer possible. The reason was that the NVD site did not support uncompressed downloads anymore. The fix for cvechecker was simple, and it also gave me a reason to push out a new release (after two years) which also includes various updates by Christopher Warner.
So cvechecker 3.6 is now available for general consumption.
I just uploaded a new release of cvechecker
to the project files. The release is a (long overdue) bugfix release,
but includes two small enhancements: support standard input for the
binary list (so you can pipe the output of one command to cvechecker)
and the introduction of the
CVECHECKER_CONFFILE variable …