OSVDB in license

[dberecz]

In the license the usage of OSVDB is mentioned and references their license. OSVDB and OSF both shut down years ago. Is it still relevant to keep them in the license? Removing them would make the license more clear and up-to-date. Thanks a lot!

[postmodern]

There has been work to remove any data that came from OSVDB (see #456). There are still 90 advisories named OSVDB-..., but that have no cve: ID we could rename them to. Someone will need to research each advisory (aka googling the title:) and find the missing CVE.

gems/actionpack/OSVDB-100524.yml
gems/actionpack/OSVDB-100525.yml
gems/actionpack/OSVDB-100526.yml
gems/actionpack/OSVDB-100527.yml
gems/actionpack/OSVDB-100528.yml
gems/actionpack/OSVDB-74616.yml
gems/actionpack/OSVDB-77199.yml
gems/activerecord-jdbc-adapter/OSVDB-114854.yml
gems/activerecord-oracle_enhanced-adapter/OSVDB-95376.yml
gems/activerecord/OSVDB-88661.yml
gems/activeresource/OSVDB-95749.yml
gems/as/OSVDB-112683.yml
gems/auto_awesomplete/OSVDB-132800.yml
gems/auto_select2/OSVDB-132800.yml
gems/backup_checksum/OSVDB-108570.yml
gems/bcrypt/OSVDB-62067.yml
gems/bcrypt-ruby/OSVDB-62067.yml
gems/brbackup/OSVDB-108899.yml
gems/brbackup/OSVDB-108900.yml
gems/builder/OSVDB-95668.yml
gems/bundler/OSVDB-115090.yml
gems/bundler/OSVDB-115091.yml
gems/bundler/OSVDB-115917.yml
gems/cap-strap/OSVDB-108575.yml
gems/curb/OSVDB-114600.yml
gems/devise/OSVDB-114435.yml
gems/doorkeeper/OSVDB-118830.yml
gems/dragonfly/OSVDB-110439.yml
gems/dragonfly/OSVDB-97854.yml
gems/enum_column3/OSVDB-94679.yml
gems/flavour_saver/OSVDB-110796.yml
gems/flukso4r/OSVDB-101577.yml
gems/fog-dragonfly/OSVDB-110439.yml
gems/fog-dragonfly/OSVDB-97854.yml
gems/gnms/OSVDB-108594.yml
gems/handlebars-source/OSVDB-131671.yml
gems/i18n/OSVDB-100528.yml
gems/jruby-sandbox/OSVDB-106279.yml
gems/json/OSVDB-101157.yml
gems/kajam/OSVDB-108530.yml
gems/karo/OSVDB-108573.yml
gems/kcapifony/OSVDB-108572.yml
gems/kompanee-recipes/OSVDB-108593.yml
gems/lingq/OSVDB-108585.yml
gems/loofah/OSVDB-90945.yml
gems/lynx/OSVDB-108579.yml
gems/mapbox-rails/OSVDB-129854.yml
gems/mapbox-rails/OSVDB-132871.yml
gems/mustache-js-rails/OSVDB-131671.yml
gems/nokogiri/OSVDB-118481.yml
gems/open-uri-cached/OSVDB-121701.yml
gems/paperclip/OSVDB-103151.yml
gems/passenger/OSVDB-90738.yml
gems/quick_magick/OSVDB-106954.yml
gems/rack-attack/OSVDB-132234.yml
gems/redcarpet/OSVDB-120415.yml
gems/redis-namespace/OSVDB-96425.yml
gems/refile/OSVDB-120857.yml
gems/ruby-saml/OSVDB-117903.yml
gems/ruby-saml/OSVDB-124383.yml
gems/ruby-saml/OSVDB-124991.yml
gems/screen_capture/OSVDB-107783.yml
gems/sidekiq/OSVDB-125675.yml
gems/sidekiq/OSVDB-125676.yml
gems/sidekiq/OSVDB-125678.yml
gems/sidekiq-pro/OSVDB-126329.yml
gems/sidekiq-pro/OSVDB-126330.yml
gems/sidekiq-pro/OSVDB-126331.yml
gems/spree_auth_devise/OSVDB-90865.yml
gems/spree_auth/OSVDB-90865.yml
gems/spree/OSVDB-119205.yml
gems/spree/OSVDB-125699.yml
gems/spree/OSVDB-125701.yml
gems/spree/OSVDB-125712.yml
gems/spree/OSVDB-125713.yml
gems/spree/OSVDB-69098.yml
gems/spree/OSVDB-73751.yml
gems/spree/OSVDB-76011.yml
gems/spree/OSVDB-81505.yml
gems/spree/OSVDB-81506.yml
gems/spree/OSVDB-90865.yml
gems/spree/OSVDB-91216.yml
gems/spree/OSVDB-91217.yml
gems/spree/OSVDB-91218.yml
gems/spree/OSVDB-91219.yml
gems/twitter-bootstrap-rails/OSVDB-109206.yml
gems/uglifier/OSVDB-126747.yml
gems/web-console/OSVDB-112346.yml
rubies/jruby/OSVDB-94644.yml
rubies/rbx/OSVDB-78119.yml

There are also 64 advisories which contain URLs to the defunct osvdb.org website, which should probably be removed. A PR could easily be submitted to remove the dead osvdb.org URLs.

gems/activerecord-jdbc-adapter/OSVDB-114854.yml
gems/activerecord-oracle_enhanced-adapter/OSVDB-95376.yml
gems/activeresource/OSVDB-95749.yml
gems/as/OSVDB-112683.yml
gems/backup_checksum/OSVDB-108570.yml
gems/brbackup/OSVDB-108899.yml
gems/brbackup/OSVDB-108900.yml
gems/builder/OSVDB-95668.yml
gems/bundler/OSVDB-115090.yml
gems/bundler/OSVDB-115091.yml
gems/bundler/OSVDB-115917.yml
gems/cap-strap/OSVDB-108575.yml
gems/curb/OSVDB-114600.yml
gems/doorkeeper/OSVDB-118830.yml
gems/dragonfly/OSVDB-110439.yml
gems/dragonfly/OSVDB-97854.yml
gems/enum_column3/OSVDB-94679.yml
gems/flavour_saver/OSVDB-110796.yml
gems/flukso4r/OSVDB-101577.yml
gems/fog-dragonfly/OSVDB-110439.yml
gems/fog-dragonfly/OSVDB-97854.yml
gems/gnms/OSVDB-108594.yml
gems/json/OSVDB-101157.yml
gems/kajam/OSVDB-108530.yml
gems/karo/OSVDB-108573.yml
gems/kcapifony/OSVDB-108572.yml
gems/kompanee-recipes/OSVDB-108593.yml
gems/lingq/OSVDB-108585.yml
gems/loofah/OSVDB-90945.yml
gems/lynx/OSVDB-108579.yml
gems/paperclip/OSVDB-103151.yml
gems/quick_magick/OSVDB-106954.yml
gems/ruby-saml/OSVDB-117903.yml
gems/screen_capture/OSVDB-107783.yml
gems/web-console/OSVDB-112346.yml
rubies/jruby/OSVDB-94644.yml
rubies/rbx/CVE-2012-5372.yml
rubies/rbx/OSVDB-78119.yml
rubies/ruby/CVE-2008-2662.yml
rubies/ruby/CVE-2008-2663.yml
rubies/ruby/CVE-2008-2664.yml
rubies/ruby/CVE-2008-2725.yml
rubies/ruby/CVE-2008-2726.yml
rubies/ruby/CVE-2008-3790.yml
rubies/ruby/CVE-2009-1904.yml
rubies/ruby/CVE-2009-4124.yml
rubies/ruby/CVE-2009-4492.yml
rubies/ruby/CVE-2010-0541.yml
rubies/ruby/CVE-2010-2489.yml
rubies/ruby/CVE-2011-1004.yml
rubies/ruby/CVE-2011-1005.yml
rubies/ruby/CVE-2011-3389.yml
rubies/ruby/CVE-2011-4815.yml
rubies/ruby/CVE-2012-4522.yml
rubies/ruby/CVE-2012-5371.yml
rubies/ruby/CVE-2013-1821.yml
rubies/ruby/CVE-2013-2065.yml
rubies/ruby/CVE-2013-4073.yml
rubies/ruby/CVE-2013-4164.yml
rubies/ruby/CVE-2014-2525.yml
rubies/ruby/CVE-2014-3916.yml
rubies/ruby/CVE-2014-4975.yml
rubies/ruby/CVE-2014-8080.yml
rubies/ruby/CVE-2014-8090.yml