Switched to using the TLS NVD download site, switched to using the ruby http libraries for downloading and storing the XML, fixed some rails 3 specific issues around mass assignment, and iterated the version.

Author: Symbions

.gitignore

@@ -0,0 +1 @@
+.project

fidius-cvedb-0.0.8.gem

@@ -7,8 +7,8 @@ Gem::Specification.new do |s|
   s.version     = FIDIUS::CveDb::VERSION
   s.platform    = Gem::Platform::RUBY
   s.add_dependency('nokogiri') 
-  s.authors     = ["Andreas Bender", "Jens Färber"]
-  s.email       = ["[email protected]", "[email protected]"]
+  s.authors     = ["Andreas Bender", "Jens Färber", "Michael Carlson"]
+  s.email       = ["[email protected]", "[email protected]", "[email protected]"]
   s.homepage    = "http://fidius.me"
   s.summary     = %q{Provides a parser and ActiveRecord models for the Common Vulnerability and Exposures (CVE) entries offered by the National Vulnerability Database (http://nvd.nist.gov/). }
   s.description = %q{This gem provides an opportunity to run a vulnerability database in your own environment. Therefore it comes with a parser for the National Vulnerability Database and ActiveRecord models for storing the entries in a local database and accessing Entries comfortable with Rails. }

fidius-cvedb.gemspec

@@ -1,5 +1,5 @@
 module FIDIUS
   module CveDb
-    VERSION = "0.0.7"
+    VERSION = "0.0.8"
   end
 end

lib/fidius-cvedb/version.rb

@@ -1,4 +1,6 @@
 class FIDIUS::CveDb::Cvss < FIDIUS::CveDb::CveConnection
+  attr_accessible :score, :source, :generated_on, :access_vector, :access_complexity, :authentication,
+    :confidentiality_impact_id, :integrity_impact_id, :availability_impact_id
   has_one :confidentiality_impact
   has_one :availability_impact
   has_one :integrity_impact

lib/models/fidius/cve_db/cvss.rb

@@ -1,2 +1,3 @@
 class FIDIUS::CveDb::Impact < FIDIUS::CveDb::CveConnection
+  attr_accessible :name
 end

lib/models/fidius/cve_db/impact.rb

@@ -1,3 +1,4 @@
 class FIDIUS::CveDb::Mscve < FIDIUS::CveDb::CveConnection
+  attr_accessible :nvd_entry_id, :name
   belongs_to :nvd_entry
 end

lib/models/fidius/cve_db/mscve.rb

@@ -1,5 +1,5 @@
 class FIDIUS::CveDb::NvdEntry < FIDIUS::CveDb::CveConnection
-  
+  attr_accessible :cve, :cwe, :summary, :published, :last_modified, :cvss
   has_one :cvss
   has_one :mscve
 

lib/models/fidius/cve_db/nvd_entry.rb

@@ -1,5 +1,5 @@
 class FIDIUS::CveDb::Product < FIDIUS::CveDb::CveConnection
-  
+  attr_accessible :part, :vendor, :product, :version, :update_nr, :edition, :language
   has_many :vulnerable_softwares
   has_many :nvd_entries, :through => :vulnerable_softwares
 

lib/models/fidius/cve_db/product.rb

@@ -1,3 +1,4 @@
 class FIDIUS::CveDb::VulnerabilityReference < FIDIUS::CveDb::CveConnection
+  attr_accessible :name, :link, :source, :nvd_entry_id
   belongs_to :nvd_entry
 end