broken links

git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@40936 e39458fd-73e7-0310-bf30-c45bca0a0e42
author: Luciano Bello <luciano@debian.org> 2016-04-14 20:16:46 +0000
committer: Luciano Bello <luciano@debian.org> 2016-04-14 20:16:46 +0000
commit: 94101df1de214ba19697926bc95d858dc1e0f383 (patch)
tree: 6dfba6ec812dc89b629a5812081687de3898265a /data/CVE
parent: 57f23c3f564d22120467e0232722549dd76c873f (diff)
16 files changed, 126 insertions, 118 deletions
diff --git a/data/CVE/list.2001 b/data/CVE/list.2001
index 8343720730..47a335bd9e 100644
--- a/data/CVE/list.2001
+++ b/data/CVE/list.2001
@@ -351,7 +351,7 @@ CVE-2001-1430 (Cayman 3220-H DSL Router 1.0 ship without a password set, which a
 	NOT-FOR-US: Cayman DSL router
 CVE-2001-1429 (Buffer overflow in mcedit in Midnight Commander 4.5.1 allows local ...)
 	NOTE: I could track this down to this posting
-	NOTE: http://cert.uni-stuttgart.de/archive/vuln-dev/2001/11/msg00104.html
+	NOTE: http://web.archive.org/web/20051206035530/http://cert.uni-stuttgart.de:80/archive/vuln-dev/2001/11/msg00104.html
 	NOTE: This looks very obscure an does not contain useful information on how this
 	NOTE: was triggered and even then it's not a problem, as mcedit usage does not
 	NOTE: have a remote impact and is not suid
@@ -1637,7 +1637,7 @@ CVE-2001-0002 (Internet Explorer 5.5 and earlier allows remote attackers to obta
 CVE-2001-0001 (cookiedecode function in PHP-Nuke 4.4 allows users to bypass ...)
 	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2001-1413 (Stack-based buffer overflow in the comprexx function for ncompress ...)
-	NOTE: not vulnerable according to http://www.debian.org/security/nonvulns-sarge
+	NOTE: not vulnerable according to http://web.archive.org/web/20070529152436/http://www.debian.org/security/nonvulns-sarge
 	NOTE: discussion at:
 	NOTE: http://archives.neohapsis.com/archives/linux/lsap/2001-q2/0081.html
 	NOTE: listed sarge version contains a fix like the patch from Gentoo
diff --git a/data/CVE/list.2002 b/data/CVE/list.2002
index 619521f124..71d09e280a 100644
--- a/data/CVE/list.2002
+++ b/data/CVE/list.2002
@@ -818,7 +818,7 @@ CVE-2002-2062 (Cross-site scripting (XSS) vulnerability in ftp.htt in Internet .
 	NOT-FOR-US: Microsoft
 CVE-2002-2061 (Heap-based buffer overflow in Netscape 6.2.3 and Mozilla 1.0 and ...)
 	NOTE: fixed in upstream 1.0.1
-	NOTE: see http://www.mozilla.org/releases/mozilla1.0.1/security-fixes-1.0.1.html
+	NOTE: see http://web.archive.org/web/20090628044831/http://www.mozilla.org/releases/mozilla1.0.1/security-fixes-1.0.1.html
 	- mozilla 2:1.1-1 (low)
 CVE-2002-2060 (Buffer overflow in Links 2.0 pre4 allows remote attackers to crash ...)
 	- links2 <not-affected> (Fixed before upload into archiv; 2.0pre5)
@@ -3058,7 +3058,7 @@ CVE-2002-1471 (The camel component for Ximian Evolution 1.0.x and earlier does n
 	- evolution 1.2.0-1 (bug #280883)
 CVE-2002-1469 (scponly does not properly verify the path when finding the (1) scp or ...)
 	- scponly 3.8-1
-	NOTE: according to http://sublimation.org/scponly/ (scponly home page)
+	NOTE: according to http://web.archive.org/web/20150425070754/http://sublimation.org/scponly/ (scponly home page)
 	NOTE: only versions of scponly older than scponly-2.4 are affected
 CVE-2002-1468 (Buffer overflow in errpt in AIX 4.3.3 allows local users to execute ...)
 	NOT-FOR-US: AIX
diff --git a/data/CVE/list.2003 b/data/CVE/list.2003
index 3504a72737..2ab11143b2 100644
--- a/data/CVE/list.2003
+++ b/data/CVE/list.2003
@@ -3117,7 +3117,7 @@ CVE-2003-0167 (Multiple off-by-one buffer overflows in the IMAP capability for M
 	- balsa 2.0.10
 	- mutt 1.4.0
 CVE-2003-0166 (Integer signedness error in emalloc() function for PHP before 4.3.2 ...)
-	- php4 <not-affected> (Non-issue; see http://marc.theaimsgroup.com/?l=bugtraq&m=104931415307111&w=2)
+	- php4 <not-affected> (Non-issue; see http://marc.theaimsgroup.com/?l=bugtraq&m=104931415307111&w=2 ) 
 CVE-2003-0165 (Format string vulnerability in Eye Of Gnome (EOG) allows attackers to ...)
 	- eog 2.2.1
 CVE-2003-0164
@@ -3537,7 +3537,7 @@ CVE-2003-0022 (The &quot;screen dump&quot; feature in rxvt 2.7.8 allows attacker
 	- rxvt 1:2.6.4-6.1
 CVE-2003-0021 (The &quot;screen dump&quot; feature in Eterm 0.9.1 and earlier allows attackers ...)
 	- eterm 0.9.2-1
-	NOTE: According to upstream changelog and http://marc.theaimsgroup.com/?l=bugtraq&m=104612710031920&w=2
+	NOTE: According to upstream changelog and http://web.archive.org/web/20060505232225/http://marc.theaimsgroup.com/?l=bugtraq&m=104612710031920&w=2
 	NOTE: this is fixed in eterm 0.9.2
 CVE-2003-0020 (Apache does not filter terminal escape sequences from its error logs, ...)
 	- apache2 2.0.49
diff --git a/data/CVE/list.2004 b/data/CVE/list.2004
index e502b3a2a3..7a48c38c49 100644
--- a/data/CVE/list.2004
+++ b/data/CVE/list.2004
@@ -3944,7 +3944,7 @@ CVE-2004-0957 (Unknown vulnerability in MySQL 3.23.58 and earlier, when a local
 	- mysql-dfsg-4.1 4.1.10a-6
 	- mysql-dfsg 4.0.24-5
 CVE-2004-0956 (MySQL before 4.0.20 allows remote attackers to cause a denial of ...)
-	- mysql-dfsg <not-affected> (Not vulnerable, http://www.debian.org/security/nonvulns-sarge)
+	- mysql-dfsg <not-affected> (Not vulnerable, http://web.archive.org/web/20070529152436/http://www.debian.org/security/nonvulns-sarge)
 CVE-2004-0955
 	REJECTED
 CVE-2004-0954
@@ -4383,7 +4383,7 @@ CVE-2004-0788 (Integer overflow in the ICO image decoder for (1) gdk-pixbuf befo
 CVE-2004-0787 (Cross-site scripting (XSS) vulnerability in the web frontend in OpenCA ...)
 	NOT-FOR-US: OpenCA
 CVE-2004-0786 (The IPv6 URI parsing routines in the apr-util library for Apache ...)
-	- apache <not-affected>	(not vulnerable according to http://www.debian.org/security/nonvulns-sarge)
+	- apache <not-affected>	(not vulnerable according to http://web.archive.org/web/20070529152436/http://www.debian.org/security/nonvulns-sarge)
 	- apache2 2.0.51
 CVE-2004-0785 (Multiple buffer overflows in Gaim before 0.82 allow remote attackers ...)
 	- gaim 1:0.82
@@ -5341,7 +5341,7 @@ CVE-2004-0395 (The xatitv program in the gatos package does not properly drop ro
 CVE-2004-0394 (A &quot;potential&quot; buffer overflow exists in the panic() function in Linux ...)
 	{DSA-1082-1 DSA-1070-1 DSA-1069-1 DSA-1067-1}
 	- linux-2.6 <not-affected>
-	NOTE: patch: http://www.ultramonkey.org/bugs/cve-patch/CVE-2004-0394.patch
+	NOTE: patch: http://www.ultramonkey.org/bugs/cve-patch/CAN-2004-0394.patch
 CVE-2004-0393 (Format string vulnerability in the msg function for rlpr daemon ...)
 	{DSA-524}
 	- rlpr 2.02-7.1 (bug #255402)
@@ -5552,7 +5552,7 @@ CVE-2004-0288 (Buffer overflow in the UdmDocToTextBuf function in mnoGoSearch 3.
 	NOTE: it's not quite clear which version exactly fixes the problem;
 	NOTE: I checked the source code of the most recent version and compared
 	NOTE: it with the problematic section described in the advisory
-	NOTE: (http://marc.theaimsgroup.com/?l=bugtraq&m=107695139930726&w=2)
+	NOTE: (http://web.archive.org/web/20060430085228/http://marc.theaimsgroup.com/?l=bugtraq&m=107695139930726&w=2)
 	NOTE: and I can confirm the buffer overflow is fixed there
 CVE-2004-0287 (Xlight FTP server 1.52 allows remote authenticated users to cause a ...)
 	NOT-FOR-US: Xlight FTP server 1.52;
diff --git a/data/CVE/list.2005 b/data/CVE/list.2005
index 332eacbddd..19dd9ffea9 100644
--- a/data/CVE/list.2005
+++ b/data/CVE/list.2005
@@ -506,7 +506,7 @@ CVE-2005-4685 (Firefox and Mozilla can associate a cookie with multiple domains
 	[sarge] - mozilla <no-dsa> (Hardly exploitable)
 	- xulrunner <unfixed> (unimportant)
 CVE-2005-4684 (Konqueror can associate a cookie with multiple domains when the DNS ...)
-	NOTE: http://cvs.fedora.redhat.com/viewcvs/fedora-security/audit/fc5?root=fedora&rev=1.172&view=markup says "ignore (kdebase) not fixed upstream, low, can't fix"
+	NOTE: http://www.redhat.com/archives/fedora-extras-commits/2006-August/msg01104.html says "ignore (kdebase) not fixed upstream, low, can't fix"
 	- kdebase <unfixed> (unimportant)
 	[sarge] - kdebase <no-dsa> (Hardly exploitable)
 CVE-2005-4683 (PADL MigrationTools 46, when a failure occurs, stores contents of ...)
@@ -1701,7 +1701,7 @@ CVE-2005-4134 (Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before
 	- mozilla 2:1.7.13-0.1 (unimportant)
 	[sarge] - mozilla-thunderbird 1.0.2-2.sarge1.0.8 (unimportant)
 	NOTE: Not exploitable beyond a sluggish browser startup, see
-	NOTE: http://www.mozilla.org/security/history-title.html
+	NOTE: http://web.archive.org/web/20141206010602/https://www.mozilla.org/security/history-title.html
 CVE-2005-4133 (Sun Update Connection in Sun Solaris 10, when configured to use a web ...)
 	NOT-FOR-US: Solaris
 CVE-2005-4132 (Unspecified &quot;security leak&quot; vulnerability in Contenido before 4.6.4, ...)
@@ -3650,7 +3650,7 @@ CVE-2005-XXXX [kernel: Signedness problems in net/core/filter]
 	- linux-2.6 2.6.12-2
 	[sarge] - kernel-source-2.4.27 <not-affected>
 	[sarge] - kernel-source-2.6.8 <not-affected>
-	NOTE: http://www.kernel.org/git/?p=linux/kernel/git/chrisw/linux-2.6.12.y.git;a=commit;h=4717ecd49ce5c556d38e8c7b6fdc9fac5d35c00e
+	NOTE: http://kernel.suse.com/cgit/kernel/commit/?h=v2.6.12.5&id=4717ecd49ce5c556d38e8c7b6fdc9fac5d35c00e
 CVE-2005-XXXX [Insecure temp file usage in thttpd's syslogtocern]
 	- thttpd 2.23beta1-4 (low)
 	[sarge] - thttpd <no-dsa> (Minor issue in addon package)
@@ -4396,7 +4396,7 @@ CVE-2005-3042 (miniserv.pl in Webmin before 1.230 and Usermin before 1.160, when
 	- webmin 1.230-1 (high; bug #329741)
 	[sarge] - webmin <not-affected> (Vulnerable code not present, see #329741)
 	- usermin 1.160-1 (high; bug #329742)
-	NOTE: SNS Advisory 83, http://marc.theaimsgroup.com/?m=112733083203821
+	NOTE: SNS Advisory 83, http://web.archive.org/web/20060509133229/http://marc.theaimsgroup.com:80/?m=112733083203821
 CVE-2005-3041 (Unspecified &quot;drag-and-drop vulnerability&quot; in Opera Web Browser before ...)
 	NOT-FOR-US: Opera
 CVE-2005-3040 (Directory traversal vulnerability in the web interface (ISALogin.dll) ...)
@@ -5422,7 +5422,7 @@ CVE-2005-2618 (Multiple stack-based buffer overflows in Autonomy (formerly Verit
 	NOT-FOR-US: Autonomy
 CVE-2005-2617 (The syscall32_setup_pages function in syscall32.c for Linux kernel ...)
 	{DTSA-16-1}
-	NOTE: http://lists.debian.org/debian-kernel/2005/08/msg00991.html, amd64 specific DOS
+	NOTE: http://lists.debian.org/debian-kernel/2005/08/msg00991.html - amd64 specific DOS
 	- linux-2.6 2.6.12-6
 CVE-2005-2616 (Multiple PHP file include vulnerabilities in ezUpload 2.2 allow remote ...)
 	NOT-FOR-US: ezUpload
@@ -10549,7 +10549,7 @@ CVE-2005-0407 (Cross-site scripting (XSS) vulnerability in Openconf 1.04, and ..
 CVE-2005-0406 (A design flaw in image processing software that modifies JPEG images ...)
 	- imagemagick <unfixed> (bug #298051; unimportant)
 	NOTE: <Maulkin> The EXIF spec says "if your app can't handle $foo, don't touch $foo"
-	NOTE: <Piet> 'convert -strip' will remove exif data according to http://www.imagemagick.org/pipermail/magick-users/2006-May/017538.html
+	NOTE: <Piet> 'convert -strip' will remove exif data according to http://web.archive.org/web/20130922031724/http://www.imagemagick.org:80/pipermail/magick-users/2006-May/017538.html
 CVE-2005-0405
 	RESERVED
 CVE-2005-0404 (KMail 1.7.1 in KDE 3.3.2 allows remote attackers to spoof email ...)
diff --git a/data/CVE/list.2006 b/data/CVE/list.2006
index 1ff6b38638..a2af56b55c 100644
--- a/data/CVE/list.2006
+++ b/data/CVE/list.2006
@@ -849,11 +849,11 @@ CVE-2006-6877 (Directory traversal vulnerability in index.php in Matteo Lucarell
 CVE-2006-6876 (Buffer overflow in the fetchsms function in the SMS handling module ...)
 	- openser 1.1.1-1 (medium)
 	[etch] - openser 1.1.0-9etch1
-	NOTE: http://www.openser.org/pub/openser/1.1.1/ChangeLog
+	NOTE: http://web.archive.org/web/20151126200215/http://www.openser.org/pub/openser/1.1.1/ChangeLog
 CVE-2006-6875 (Buffer overflow in the validateospheader function in the Open ...)
 	- openser 1.1.1-1 (medium)
 	[etch] - openser 1.1.0-9etch1
-	NOTE: http://www.openser.org/pub/openser/1.1.1/ChangeLog
+	NOTE: http://web.archive.org/web/20151126200215/http://www.openser.org/pub/openser/1.1.1/ChangeLog
 CVE-2006-6874 (Multiple cross-site scripting (XSS) vulnerabilities in friend.php in ...)
 	NOT-FOR-US: eNdonesia CMS
 CVE-2006-6873 (Multiple SQL injection vulnerabilities in mod.php in eNdonesia 8.4 ...)
@@ -7366,7 +7366,7 @@ CVE-2006-3947 (PHP remote file inclusion vulnerability in ...)
 CVE-2006-3946 (WebCore in Apple Mac OS X 10.3.9 and 10.4 through 10.4.7 allows remote ...)
 	NOT-FOR-US: Apple Safari 2.0.4
 	NOTE: konqueror 3.5.x is not affected
-	NOTE: PoC http://browserfun.blogspot.com/2006/07/mobb-31-safari-khtmlparserpoponeblock.html
+	NOTE: PoC http://web.archive.org/web/20130701013045/http://browserfun.blogspot.com/2006/07/mobb-31-safari-khtmlparserpoponeblock.html
 CVE-2006-3945 (The CSS functionality in Opera 9 on Windows XP SP2 allows remote ...)
 	NOT-FOR-US: Opera
 CVE-2006-3944 (Microsoft Internet Explorer 6 on Windows XP SP2 allows remote ...)
diff --git a/data/CVE/list.2007 b/data/CVE/list.2007
index 56bf980c70..47dd3b8059 100644
--- a/data/CVE/list.2007
+++ b/data/CVE/list.2007
@@ -5953,7 +5953,7 @@ CVE-2007-4264 (Multiple cross-site scripting (XSS) vulnerabilities in index.php
 	NOT-FOR-US: snif
 CVE-2007-4280 (The Skinny channel driver (chan_skinny) in Asterisk Open Source before ...)
 	- asterisk 1:1.4.10~dfsg-1
-	NOTE: http://ftp.digium.com/pub/asa/ASA-2007-019.html
+	NOTE: https://downloads.avaya.com/elmodocs2/security/ASA-2007-019.htm
 	[sarge] - asterisk <not-affected> (not affected according to advisory)
 	[etch] - asterisk <not-affected> (not affected according to advisory)
 CVE-2007-4263 (Unspecified vulnerability in the server side of the Secure Copy (SCP) ...)
@@ -7113,22 +7113,22 @@ CVE-2007-3765 (The STUN implementation in Asterisk 1.4.x before 1.4.8, AsteriskN
 	- asterisk 1:1.4.8~dfsg-1 (bug #433681)
 	[sarge] - asterisk <not-affected> (1.0.x not affected)
 	[etch] - asterisk <not-affected> (1.2.x not affected)
-	NOTE: http://ftp.digium.com/pub/asa/ASA-2007-017.html
+	NOTE: https://downloads.avaya.com/elmodocs2/security/ASA-2007-017.htm
 CVE-2007-3764 (The Skinny channel driver (chan_skinny) in Asterisk before 1.2.22 and ...)
 	{DSA-1358-1}
 	- asterisk 1:1.4.8~dfsg-1
 	NOTE: Etch and Sarge affected
-	NOTE: http://ftp.digium.com/pub/asa/ASA-2007-016.html
+	NOTE: https://downloads.avaya.com/elmodocs2/security/ASA-2007-016.htm
 CVE-2007-3763 (The IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and ...)
 	{DSA-1358-1}
 	- asterisk 1:1.4.8~dfsg-1
 	NOTE: Etch and Sarge affected
-	NOTE: http://ftp.digium.com/pub/asa/ASA-2007-015.html
+	NOTE: https://downloads.avaya.com/elmodocs2/security/ASA-2007-015.htm
 CVE-2007-3762 (Stack-based buffer overflow in the IAX2 channel driver (chan_iax2) in ...)
 	{DSA-1358-1}
 	- asterisk 1:1.4.8~dfsg-1 (high)
 	NOTE: Etch and Sarge affected
-	NOTE: http://ftp.digium.com/pub/asa/ASA-2007-014.html
+	NOTE: https://downloads.avaya.com/elmodocs2/security/ASA-2007-014.htm
 CVE-2007-3820 (konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote attackers to ...)
 	- kdebase 4:3.5.7-3 (bug #433072; low)
 	[sarge] - kdebase <no-dsa> (Minor issue)
@@ -7986,7 +7986,7 @@ CVE-2007-3388 (Multiple format string vulnerabilities in (1) qtextedit.cpp, (2)
 	{DSA-1426-1}
 	- qt-x11-free 3:3.3.7-6
 	- qt4-x11 <not-affected> (This problem is not present in any version of Qt 4)
-	NOTE: http://trolltech.com/company/newsroom/announcements/press.2007-07-27.7503755960
+	NOTE: http://web.archive.org/web/20080206133848/http://trolltech.com:80/company/newsroom/announcements/press.2007-07-27.7503755960
 CVE-2007-3387 (Integer overflow in the StreamPredictor::StreamPredictor function in ...)
 	{DSA-1357-1 DSA-1355-1 DSA-1354-1 DSA-1352-1 DSA-1350-1 DSA-1349-1 DSA-1348-1 DSA-1347-1 DTSA-49-1 DTSA-50-1 DTSA-54-1 DTSA-62-1}
 	- poppler 0.5.4-6.1 (bug #435460)
@@ -9534,7 +9534,7 @@ CVE-2007-2756 (The gdPngReadData function in libgd 2.0.34 allows user-assisted .
 	[sarge] - libgd <no-dsa> (Minor issue)
 	[etch] - libgd2 <no-dsa> (Minor issue)
 	[sarge] - libgd2 <no-dsa> (Minor issue)
-	NOTE: http://bugs.libgd.org/?do=details&task_id=86
+	NOTE: https://web.archive.org/web/20090212193455/http://bugs.libgd.org/?do=details&task_id=86
 CVE-2007-2755 (The PrecisionID Barcode 1.9 ActiveX control in ...)
 	NOT-FOR-US: PrecisionID
 CVE-2007-2754 (Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and ...)
@@ -10150,7 +10150,7 @@ CVE-2007-2488 (The IAX2 channel driver (chan_iax2) in Asterisk before 20070504 d
 	- asterisk 1:1.4.5~dfsg-1 (low)
 	NOTE: no-dsa / unimportant candidate, the opposite side of the telephone line
 	NOTE: could just as well hang-up
-	NOTE: http://ftp.digium.com/pub/asa/ASA-2007-013.html
+	NOTE: https://downloads.avaya.com/elmodocs2/security/ASA-2007-013.htm
 CVE-2007-2480 (The _udp_lib_get_port function in net/ipv4/udp.c in Linux kernel ...)
 	- linux-2.6 2.6.22-1 (medium)
 CVE-2007-2479 (Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers ...)
@@ -10472,7 +10472,7 @@ CVE-2007-2379 (The jQuery framework exchanges data using JavaScript Object Notat
 CVE-2007-2378 (The Google Web Toolkit (GWT) framework exchanges data using JavaScript ...)
 	- gwt <removed> (unimportant; bug #563542)
 	NOTE: javascript security guidelines provided to developers to avoid these issues
-	NOTE: http://groups.google.com/group/Google-Web-Toolkit/web/security-for-gwt-applications
+	NOTE: https://developers.google.com/web-toolkit/articles/security_for_gwt_applications 
 CVE-2007-2377 (The Getahead Direct Web Remoting (DWR) framework 1.1.4 exchanges data ...)
 	NOT-FOR-US: Getahead Direct Web Remoting
 CVE-2007-2376 (The Dojo framework exchanges data using JavaScript Object Notation ...)
@@ -10657,13 +10657,13 @@ CVE-2007-2294 (The Manager Interface in Asterisk before 1.2.18 and 1.4.x before
 	{DSA-1358-1}
 	- asterisk 1:1.4.3~dfsg-1 (low)
 	NOTE: Etch and Sarge affected
-	NOTE: http://ftp.digium.com/pub/asa/ASA-2007-012.html
+	NOTE: https://downloads.avaya.com/elmodocs2/security/ASA-2007-012.htm
 CVE-2007-2293 (Multiple stack-based buffer overflows in the process_sdp function in ...)
 	- asterisk 1:1.4.3~dfsg-1 (high)
 	[sarge] - asterisk <not-affected> (1.0.x not affected)
 	[etch] - asterisk <not-affected> (1.2.x not affected)
 	[lenny] - asterisk <not-affected> (vulnerable code not present)
-	NOTE: http://ftp.digium.com/pub/asa/ASA-2007-010.html
+	NOTE: https://downloads.avaya.com/elmodocs2/security/ASA-2007-010.htm
 CVE-2007-2292 (CRLF injection vulnerability in the Digest Authentication support for ...)
 	{DSA-1401-1 DSA-1396-1 DSA-1392-1 DTSA-69-1 DTSA-80-1}
 	- iceweasel 2.0.0.8-1 (low)
@@ -11239,7 +11239,7 @@ CVE-2007-2030 (lharc.c in lha does not securely create temporary files, which mi
 CVE-2007-2029 (File descriptor leak in the PDF handler in Clam AntiVirus (ClamAV) ...)
 	{DSA-1281-1 DTSA-37-1}
 	- clamav 0.90.2-1 (low; bug #418849)
-	NOTE: closed report: https://wwws.clamav.net/bugzilla/show_bug.cgi?id=459
+	NOTE: closed report: https://bugzilla.clamav.net/show_bug.cgi?id=459
 	NOTE: Commit r3021 looks as if it's just a null pointer dereference.
 CVE-2007-2028 (Memory leak in freeRADIUS 1.1.5 and earlier allows remote attackers to ...)
 	- freeradius 1.1.6-1 (low)
@@ -14903,7 +14903,7 @@ CVE-2007-0474 (Smb4K before 0.8.0 allow local users, when present on the Smb4K .
 	- smb4k 0.8.1-1 (low)
 	[etch] - smb4k <no-dsa> (Minor issue)
 	NOTE: not fixed in 0.8.0, see
-	NOTE: http://developer.berlios.de/bugs/?func=detailbug&bug_id=9631&group_id=769
+	NOTE: https://web.archive.org/web/20070712072042/http://developer.berlios.de/bugs/?func=detailbug&bug_id=9631&group_id=769
 CVE-2007-0473 (The writeFile function in core/smb4kfileio.cpp in Smb4K before 0.8.0 ...)
 	- smb4k 0.8.0-1 (low)
 	[etch] - smb4k <no-dsa> (Minor issue)
@@ -15697,7 +15697,7 @@ CVE-2007-0137 (Cross-site scripting (XSS) vulnerability in SimpleBoxes/Serendipi
 	NOT-FOR-US: Serene Bach
 CVE-2007-0136 (Multiple cross-site scripting (XSS) vulnerabilities in Drupal before ...)
 	- drupal 4.7.5-1
-	NOTE: vendor advisory: http://drupal.org/node/104233, DRUPAL-SA-2007-001
+	NOTE: vendor advisory: http://drupal.org/node/104233 - DRUPAL-SA-2007-001
 CVE-2007-0135 (PHP remote file inclusion vulnerability in inc/init.inc.php in Aratix ...)
 	NOT-FOR-US: Aratix
 CVE-2007-0134 (Multiple eval injection vulnerabilities in iGeneric iG Shop 1.0 allow ...)
diff --git a/data/CVE/list.2008 b/data/CVE/list.2008
index ff75e71a2d..4c4fa0604b 100644
--- a/data/CVE/list.2008
+++ b/data/CVE/list.2008
@@ -4396,7 +4396,7 @@ CVE-2008-5345 (Unspecified vulnerability in Java Runtime Environment (JRE) with
 	- sun-java6 6-12-1 (bug #508195)
 	[lenny] - sun-java6 6-20-0lenny1
 	- openjdk-6 <not-affected> (bug in plugin code)
-	NOTE: For OpenJDK, see: <http://mail.openjdk.java.net/pipermail/core-libs-dev/2009-June/001784.html>
+	NOTE: For OpenJDK, see: http://mail.openjdk.java.net/pipermail/core-libs-dev/2009-June/001784.html
 CVE-2008-5344 (Unspecified vulnerability in Java Web Start (JWS) and Java Plug-in ...)
 	- sun-java5 1.5.0-17-0.1 (bug #508194)
 	[etch] - sun-java5 <no-dsa> (Non-free not supported)
@@ -4885,7 +4885,7 @@ CVE-2008-5162 (The arc4random function in the kernel in FreeBSD 6.3 through 7.1
 	[lenny] - kfreebsd-7 7.0-7lenny1
 CVE-2008-5161 (Error handling in the SSH protocol in (1) SSH Tectia Client and Server ...)
 	- openssh 1:5.1p1-5 (low; bug #506115)
-	[etch] - openssh <no-dsa> (Minor issue, see http://www.openssh.org/txt/cbc.adv)
+	[etch] - openssh <no-dsa> (Minor issue, see http://www.openssh.org/txt/cbc.adv )
 CVE-2008-5185 (The highlighting functionality in geshi.php in GeSHi before 1.0.8 ...)
 	{DTSA-179-1}
 	- geshi 1.0.8.1-1 (medium)
@@ -10511,7 +10511,7 @@ CVE-2008-2958 (Race condition in (1) checkinstall 1.6.1 and (2) installwatch all
 	- checkinstall 1.6.1-7 (low; bug #488140)
 CVE-2008-XXXX [werkzeug hashes its secret instead of using hmac]
 	- python-werkzeug 0.3.1-1
-	NOTE: http://lucumr.pocoo.org/cogitations/2008/06/24/werkzeug-031-released/
+	NOTE: http://web.archive.org/web/20081229140824/http://lucumr.pocoo.org:80/cogitations/2008/06/24/werkzeug-031-released/
 CVE-2008-2841 (Argument injection vulnerability in XChat 2.8.7b and earlier on ...)
 	- xchat <not-affected> (Windows specific problem)
 CVE-2008-2840 (Multiple directory traversal vulnerabilities in Exero CMS 1.0.0 and ...)
@@ -12208,7 +12208,7 @@ CVE-2008-2109 (field.c in the libid3tag 0.15.0b library allows context-dependent
 CVE-2008-2108 (The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, ...)
 	{DSA-1789-1}
 	- php5 5.2.2-1 (low)
-	NOTE: http://www.sektioneins.de/advisories/SE-2008-02.txt
+	NOTE: http://web.archive.org/web/20120118120046/http://www.sektioneins.de/advisories/SE-2008-02.txt
 CVE-2008-2107 (The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, ...)
 	{DSA-1789-1}
 	- php5 5.2.2-1 (low)
@@ -12359,7 +12359,7 @@ CVE-2008-2051 (The escapeshellcmd API function in PHP before 5.2.6 has unknown i
 	{DSA-1578-1 DSA-1572-1 DTSA-135-1}
 	- php5 5.2.6-1
 	NOTE: http://www.php.net/ChangeLog-5.php
-	NOTE: http://www.sektioneins.de/advisories/SE-2008-03.txt
+	NOTE: http://web.archive.org/web/20120524033327/http://www.sektioneins.de/advisories/SE-2008-03.txt
 CVE-2008-2050 (Stack-based buffer overflow in the FastCGI SAPI (fastcgi.c) in PHP ...)
 	{DSA-1572-1 DTSA-135-1}
 	- php5 5.2.6-1
@@ -16603,7 +16603,7 @@ CVE-2008-0238 (Multiple heap-based buffer overflows in the rmff_dump_cont functi
 CVE-2008-0299 (common.py in Paramiko 1.7.1 and earlier, when using threads or forked ...)
 	- paramiko 1.6.4-1.1 (low; bug #460706)
 	[etch] - paramiko <no-dsa> (Minor issue)
-	NOTE: http://www.lag.net/pipermail/paramiko/2008-January/000599.html
+	NOTE: http://web.archive.org/web/20100715101310/http://www.lag.net/pipermail/paramiko/2008-January/000599.html
 CVE-2008-0237 (The Microsoft Rich Textbox ActiveX Control (RICHTX32.OCX) 6.1.97.82 ...)
 	NOT-FOR-US: Microsoft Rich Textbox ActiveX Control
 CVE-2008-0236 (An ActiveX control for Microsoft Visual FoxPro (vfp6r.dll 6.0.8862.0) ...)
@@ -16797,7 +16797,7 @@ CVE-2008-0302 (Untrusted search path vulnerability in apt-listchanges.py in ...)
 	{DSA-1465-2}
 	- apt-listchanges 2.82 (medium)
 	[sarge] - apt-listchanges <not-affected> (Vulnerable code not present)
-	NOTE: see http://git.madism.org/?p=apt-listchanges.git;a=commitdiff;h=1bcfbf3dc55413bb83a1782dc9a54515a963fb32
+	NOTE: see http://web.archive.org/web/20080206193307/http://git.madism.org:80/?p=apt-listchanges.git;a=commitdiff;h=1bcfbf3dc55413bb83a1782dc9a54515a963fb32
 CVE-2008-0160
 	RESERVED
 CVE-2008-0173 (SQL injection vulnerability in Gforge 4.6.99 and earlier allows remote ...)
diff --git a/data/CVE/list.2009 b/data/CVE/list.2009
index c3f08b6750..42a1ef81d7 100644
--- a/data/CVE/list.2009
+++ b/data/CVE/list.2009
@@ -1505,7 +1505,7 @@ CVE-2009-4484 (Multiple stack-based buffer overflows in the CertDecoder::GetName
 	- mysql-dfsg-5.0 <removed> (medium)
 	- mysql-5.1 5.1.41-4 (medium)
 	- cyassl <not-affected> (Fixed before initial upload to archive)
-	NOTE: http://intevydis.blogspot.com/2010/01/mysq-yassl-stack-overflow.html
+	NOTE: http://web.archive.org/web/20100129040903/http://intevydis.blogspot.com:80/2010/01/mysq-yassl-stack-overflow.html
 	NOTE: http://bazaar.launchpad.net/~mysql/mysql-server/mysql-5.0/revision/2837.1.1
 CVE-2009-4483 (Unspecified vulnerability in LDAP3A.exe in MailSite 8.0.4 allows ...)
 	NOT-FOR-US: MailSite
@@ -2671,7 +2671,7 @@ CVE-2009-4023 (Argument injection vulnerability in the sendmail implementation o
 CVE-2009-4022 (Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before ...)
 	{DSA-1961-1}
 	- bind9 1:9.6.1.dfsg.P2-1 (medium)
-	NOTE: <https://www.isc.org/node/504>
+	NOTE: https://www.isc.org/node/504
 	NOTE: Only affects installations with trust anchors, but then the
 	NOTE: consequences are quite severe.
 CVE-2009-4020 (Stack-based buffer overflow in the hfs subsystem in the Linux kernel ...)
@@ -2683,8 +2683,8 @@ CVE-2009-4019 (mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does
 	{DSA-1997-1}
 	- mysql-5.1 5.1.41-1
 	- mysql-dfsg-5.0 <removed>
-	NOTE: http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html
-	NOTE: http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html
+	NOTE: http://web.archive.org/web/20140722233305/http://dev.mysql.com/doc/refman/5.1/en/news-5-1-41.html
+	NOTE: http://web.archive.org/web/20140723045533/http://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html
 	NOTE: http://bugs.mysql.com/47780
 	NOTE: http://bugs.mysql.com/48291
 CVE-2009-4018 (The proc_open function in ext/standard/proc_open.c in PHP before ...)
@@ -3300,7 +3300,7 @@ CVE-2009-XXXX [multiple missing input sanity checks in KDE]
 	[lenny] - kdelibs <no-dsa> (minor and unlikely to be exploited)
 	[etch] - kdelibs <no-dsa> (minor and unlikely to be exploited)
 	NOTE: http://www.ocert.org/advisories/ocert-2009-015.html
-	NOTE: http://www.portcullis-security.com/advisories
+	NOTE: https://www.portcullis-security.com/security-research-and-downloads/security-advisories/pre-2014-advisories/
 	NOTE: advisory mentions kmail and ark (from kdepim and kdeutils, respectively)
 	NOTE: but the "fixes" linked from the advisory only change code in kdelibs
 	NOTE: more info at oss-sec threads
@@ -7402,7 +7402,7 @@ CVE-2009-2347 (Multiple integer overflows in inter-color spaces conversion tools
 CVE-2009-2346 (The IAX2 protocol implementation in Asterisk Open Source 1.2.x before ...)
 	- asterisk 1:1.6.2.0~dfsg~beta3-1 (bug #539473)
 	[etch] - asterisk <end-of-life> (Etch Packages no longer covered by security support)
-	[lenny] - asterisk <no-dsa> (Intrusive protocol-level vulnerabilitity, see http://downloads.asterisk.org/pub/security/IAX2-security.pdf)
+	[lenny] - asterisk <no-dsa> (Intrusive protocol-level vulnerabilitity, see http://downloads.asterisk.org/pub/security/IAX2-security.pdf )
 CVE-2009-2345 (Multiple SQL injection vulnerabilities in ClanSphere before 2009.0.1 ...)
 	NOT-FOR-US: ClanSphere
 CVE-2009-2344 (The web-based management interfaces in Sourcefire Defense Center (DC) ...)
@@ -8956,7 +8956,7 @@ CVE-2009-1725 (WebKit in Apple Safari before 4.0.2, as used on iPhone OS before
 	- kde4libs <not-affected> (medium; bug #538349)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=513813#c18
 	NOTE: patch http://trac.webkit.org/changeset/44799/
-	NOTE: PoC https://cevans-app.appspot.com/static/webkitentityoffbyone.html
+	NOTE: PoC http://web.archive.org/web/20110813092643/https://cevans-app.appspot.com/static/webkitentityoffbyone.html
 CVE-2009-1724 (Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari ...)
 	- qt4-x11 <not-affected> (bug #538403)
 	[etch] - qt4-x11 <not-affected> (webkit support introduced in version 4.4)
@@ -9572,15 +9572,15 @@ CVE-2009-1548 (SQL injection vulnerability in index.php in BluSky CMS allows rem
 	NOT-FOR-US: BluSky CMS
 CVE-2009-XXXX [prewkikka: pasword world-readable]
 	- prewikka 0.9.11.3-2 (low; bug #527476)
-	NOTE: FEDORA-2009-3761 (http://lwn.net/Articles/330642)
+	NOTE: FEDORA-2009-3761 http://lwn.net/Articles/330642
 CVE-2009-XXXX [prelude-manager: password world-readable]
 	- prelude-manager <not-affected> (The postinst sets correct permissions, see bug #527344)
-	NOTE: FEDORA-2009-3931 (http://lwn.net/Articles/331612)
+	NOTE: FEDORA-2009-3931 http://lwn.net/Articles/331612
 CVE-2009-XXXX [bash-completion: does not properly quote characters]
 	- bash-completion 200811xx~bzr1223 (bug #259987)
 	NOTE: adding this reference to track the fact that this has already been addressed by debian security
 	NOTE: fixed over a year ago in debian; but fedora finally got around to addressing the issue recently
-	NOTE: FEDORA-2009-3639 (http://lwn.net/Articles/331605)
+	NOTE: FEDORA-2009-3639 http://lwn.net/Articles/331605
 CVE-2009-1547 (Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, ...)
 	NOT-FOR-US: Microsoft Internet Explorer
 CVE-2009-1546 (Integer overflow in Avifil32.dll in the Windows Media file handling ...)
@@ -10274,12 +10274,12 @@ CVE-2009-1292 (UCM-CQ in IBM Rational ClearCase 7.0.0.x before 7.0.0.5, 7.0.1.x
 CVE-2009-1371 (The CLI_ISCONTAINED macro in libclamav/others.h in ClamAV before ...)
 	{DSA-1771-1}
 	- clamav 0.95.1+dfsg-1
-	NOTE: https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1552
+	NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=1552
 CVE-2009-1372 (Stack-based buffer overflow in the cli_url_canon function in ...)
 	- clamav 0.95.1+dfsg-1
 	[etch] - clamav <not-affected> (vulnerable code not present)
 	[lenny] - clamav <not-affected> (vulnerable code not present)
-	NOTE: https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1552
+	NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=1552
 CVE-2009-1291 (Stack-based buffer overflow in TIBCO SmartSockets before 6.8.2, ...)
 	NOT-FOR-US: SmartSockets
 CVE-2009-1290 (Multiple cross-site request forgery (CSRF) vulnerabilities in the web ...)
@@ -13087,7 +13087,7 @@ CVE-2009-0217 (The design of the W3C XML Signature Syntax and Processing (XMLDsi
 	[lenny] - xmlsec1 <no-dsa> (Minor issue)
 	- mono 2.4.2.3+dfsg-1
 	NOTE: http://www.w3.org/QA/2009/07/hmac_truncation_in_xml_signatu.html
-	NOTE: http://anonsvn.mono-project.com/viewvc?view=rev&revision=137891
+	NOTE: http://web.archive.org/web/20090124230233/http://anonsvn.mono-project.com:80/viewvc?view=rev
 	NOTE: http://www.aleksey.com/xmlsec/download.html (1.2.12 has fix)
 	- sun-java6 6-15-1
 	[lenny] - sun-java6 6-20-0lenny1
diff --git a/data/CVE/list.2010 b/data/CVE/list.2010
index de6565d402..096989dce4 100644
--- a/data/CVE/list.2010
+++ b/data/CVE/list.2010
@@ -3900,7 +3900,7 @@ CVE-2010-3762 (ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does
 	{DSA-2130-1}
 	- bind9 1:9.7.2.dfsg.P2-1 (bug #599515)
 	NOTE: http://ftp.isc.org/isc/bind9/9.7.2-P2/RELEASE-NOTES-BIND-9.7.2-P2.html
-	NOTE: ACL bypass claimed to only affect >=9.7.2: https://lists.isc.org/pipermail/bind-announce/2010-September/000655.html
+	NOTE: ACL bypass claimed to only affect >=9.7.2: https://kb.isc.org/article/AA-00935/0/CVE-2010-3762%3A-failure-to-handle-bad-signatures-if-multiple-trust-anchors-configured.html 
 	NOTE: The crash with multiple trust anchors affects 9.6 and is fixed in 9.6-ESV-R2.
 CVE-2010-3761 (Unspecified vulnerability in IBM Tivoli Storage Manager (TSM) FastBack ...)
 	NOT-FOR-US: IBM Tivoli Storage Manager
@@ -11165,7 +11165,7 @@ CVE-2010-0986 (Adobe Shockwave Player before 11.5.7.609 does not properly proces
 	NOT-FOR-US: Adobe Shockwave Player
 CVE-2010-XXXX [dojo can be used as a redirector]
 	- dojo 1.4.2+dfsg-1 (low)
-	NOTE: http://dojotoolkit.org/blog/post/dylan/2010/03/dojo-security-advisory/
+	NOTE: http://web.archive.org/web/20101029020014/http://dojotoolkit.org/blog/post/dylan/2010/03/dojo-security-advisory/
 	NOTE: http://bugs.dojotoolkit.org/ticket/10773
 CVE-2010-0985 (Directory traversal vulnerability in the Abbreviations Manager ...)
 	NOT-FOR-US: com_abbrev component for Joomla!
@@ -12532,7 +12532,7 @@ CVE-2010-0438 (Multiple SQL injection vulnerabilities in Kernel/System/Ticket.pm
 	- otrs <not-affected> (vulnerable code not present)
 	[etch] - otrs2 <not-affected> (vulnerable code not present)
 	- otrs2 2.4.7-1 (medium)
-	NOTE: http://otrs.org/advisory/OSA-2010-01-en/
+	NOTE: http://web.archive.org/web/20111224162621/http://otrs.org/advisory/OSA-2010-01-en/
 CVE-2010-0437 (The ip6_dst_lookup_tail function in net/ipv6/ip6_output.c in the Linux ...)
 	- linux-2.6 2.6.26-9
 CVE-2010-0436 (Race condition in backend/ctrl.c in KDM in KDE Software Compilation ...)
diff --git a/data/CVE/list.2011 b/data/CVE/list.2011
index 20a28ff47a..0b596b87de 100644
--- a/data/CVE/list.2011
+++ b/data/CVE/list.2011
@@ -614,7 +614,7 @@ CVE-2011-5054 (kcheckpass passes a user-supplied argument to the pam_start funct
 	NOTE: the kcheckpass utility is not present in sid (still present in src package, will check with KDE maints)
 	NOTE: Not exploitable without OpenPAM
 CVE-2011-5053 (The Wi-Fi Protected Setup (WPS) protocol, when the &quot;external ...)
-	NOT-FOR-US: This vulnerability affects a protocol, not a product. More information can be found at http://www.kb.cert.org/vuls/id/723755. All products listed there are not part of Debian.
+	NOT-FOR-US: This vulnerability affects a protocol, not a product. More information can be found at http://www.kb.cert.org/vuls/id/723755 . All products listed there are not part of Debian.
 CVE-2011-5052 (Stack-based buffer overflow in CoCSoft Stream Down 6.8.0 allows remote ...)
 	NOT-FOR-US: CoCSoft Stream Down
 CVE-2011-5051 (Multiple unrestricted file upload vulnerabilities in the WP Symposium ...)
@@ -3099,7 +3099,7 @@ CVE-2011-4029 (The LockServer function in os/utils.c in X.Org xserver before 1.1
 	[squeeze] - xorg-server 2:1.7.7-14
 	[lenny] - xorg-server <no-dsa> (Minor issue)
 	NOTE: http://cgit.freedesktop.org/xorg/xserver/commit/?id=b67581cf825940fdf52bf2e0af4330e695d724a4
-	NOTE: this has a poc now: http://vladz.devzero.fr/Xorg-CVE-2011-4029.txt
+	NOTE: this has a poc now: http://web.archive.org/web/20111204204028/http://vladz.devzero.fr:80/Xorg-CVE-2011-4029.txt
 CVE-2011-4028 (The LockServer function in os/utils.c in X.Org xserver before 1.11.2 ...)
 	- xorg-server 2:1.11.1.901-2 (low)
 	[squeeze] - xorg-server 2:1.7.7-14
@@ -6950,7 +6950,7 @@ CVE-2011-2724 (The check_mtab function in client/mount.cifs.c in mount.cifs in s
 	- cifs-utils 2:5.1-1 (low)
 	[squeeze] - cifs-utils 2:4.5-2+squeeze1
 	NOTE: cifs-utils was split off from the samba source package with 2:3.4.7~dfsg-2, so marking it as fixed
-	NOTE: http://git.samba.org/?p=cifs-utils.git;a=commit;h=1e7a32924b22d1f786b6f490ce8590656f578f91
+	NOTE: http://web.archive.org/web/20111209193822/http://git.samba.org/?p=cifs-utils.git;a=commit;h=1e7a32924b22d1f786b6f490ce8590656f578f91
 CVE-2011-2723 (The skb_gro_header_slow function in include/linux/netdevice.h in the ...)
 	{DSA-2303-1}
 	- linux-2.6 3.0.0-2
@@ -7022,7 +7022,7 @@ CVE-2011-2702 (Integer signedness error in Glibc before 2.13 and eglibc before 2
 	- eglibc 2.13-10
 	[squeeze] - eglibc <not-affected> (ssse3 optimizations not included in squeeze version)
 	- glibc <not-affected> (ssse3 optimizations not included)
-	NOTE: http://www.nodefense.org/eglibc.txt
+	NOTE: http://web.archive.org/web/20110824011938/http://www.nodefense.org:80/eglibc.txt
 	NOTE: fixed well before 2.13-10, but that is the present testing version that was available to check
 CVE-2011-2701 (The ocsp_check function in rlm_eap_tls.c in FreeRADIUS 2.1.11, when ...)
 	- freeradius <not-affected> (Introduced in 2.1.11, even sid ships 2.1.10+dfsg-3+b2)
@@ -8964,7 +8964,7 @@ CVE-2011-1948 (Cross-site scripting (XSS) vulnerability in Plone 4.1 and earlier
 	- plone3 <removed>
 CVE-2011-1947 (fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time ...)
 	- fetchmail 6.3.22-1 (unimportant)
-	NOTE: http://gitorious.org/fetchmail/fetchmail/blobs/legacy_63/fetchmail-SA-2011-01.txt
+	NOTE: http://www.fetchmail.info/fetchmail-SA-2011-01.txt
 CVE-2011-1946 (gnomesu-pam-backend in libgnomesu 1.0.0 prints an error message but ...)
 	NOT-FOR-US: libgnomesu
 CVE-2011-1945 (The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and ...)
@@ -10131,7 +10131,7 @@ CVE-2011-XXXX [htmlpurifier various]
 	- php-htmlpurifier 4.3.0+dfsg1-1 (unimportant)
 	- mahara 1.2.5-1
 	[lenny] - mahara 1.0.4-4+lenny10
-	NOTE: http://htmlpurifier.org/news/2011/0327-4.3.0-released
+	NOTE: http://web.archive.org/web/20120515064303/http://htmlpurifier.org/news/2011/0327-4.3.0-released
 	NOTE: htmlpurifier only provides library functions, it's not vulnerable by itself
 	NOTE: If apps are vulnerable, this must be addressed there (as done for Mahara)
 CVE-2011-1517
@@ -10179,7 +10179,7 @@ CVE-2011-1498 (Apache HttpClient 4.x before 4.1.1 in Apache HttpComponents, when
 	- httpcomponents-client 4.1.1-1 (bug #628727)
 	[squeeze] - httpcomponents-client 4.0.1-1squeeze1
 	NOTE: http://seclists.org/oss-sec/2011/q2/188
-	NOTE: http://www.apache.org/dist/httpcomponents/httpclient/RELEASE_NOTES-4.1.x.txt
+	NOTE: http://web.archive.org/web/20130102213624/http://www.apache.org/dist/httpcomponents/httpclient/RELEASE_NOTES-4.1.x.txt
 CVE-2011-1497
 	RESERVED
 CVE-2011-1496 (tmux 1.3 and 1.4 does not properly drop group privileges, which allows ...)
@@ -11124,7 +11124,7 @@ CVE-2011-1158 (Cross-site scripting (XSS) vulnerability in feedparser.py in Univ
 	[wheezy] - planet-venus <no-dsa> (Minor issue)
 	[squeeze] - planet-venus <no-dsa> (Minor issue)
 	[lenny] - planet-venus <no-dsa> (Minor issue)
-	NOTE: https://code.google.com/p/feedparser/issues/detail?id=255
+	NOTE: http://web.archive.org/web/20120304003020/https://code.google.com/p/feedparser/issues/detail?id=255
 CVE-2011-1157 (Cross-site scripting (XSS) vulnerability in feedparser.py in Universal ...)
 	- feedparser 5.0.1-1 (low; bug #617998)
 	[squeeze] - feedparser <no-dsa> (Minor issue)
@@ -11133,7 +11133,7 @@ CVE-2011-1157 (Cross-site scripting (XSS) vulnerability in feedparser.py in Univ
 	[wheezy] - planet-venus <no-dsa> (Minor issue)
 	[squeeze] - planet-venus <no-dsa> (Minor issue)
 	[lenny] - planet-venus <no-dsa> (Minor issue)
-	NOTE: https://code.google.com/p/feedparser/issues/detail?id=254
+	NOTE: http://web.archive.org/web/20120211010803/https://code.google.com/p/feedparser/issues/detail?id=254
 CVE-2011-1156 (feedparser.py in Universal Feed Parser (aka feedparser or ...)
 	- feedparser 5.0.1-1 (low; bug #617998)
 	[squeeze] - feedparser <no-dsa> (Minor issue)
@@ -11142,7 +11142,7 @@ CVE-2011-1156 (feedparser.py in Universal Feed Parser (aka feedparser or ...)
 	[wheezy] - planet-venus <no-dsa> (Minor issue)
 	[squeeze] - planet-venus <no-dsa> (Minor issue)
 	[lenny] - planet-venus <no-dsa> (Minor issue)
-	NOTE: https://code.google.com/p/feedparser/issues/detail?id=91
+	NOTE: http://web.archive.org/web/20130326201801/http://code.google.com/p/feedparser/issues/detail?id=91
 CVE-2011-1155 (The writeState function in logrotate.c in logrotate 3.7.9 and earlier ...)
 	- logrotate 3.8.0-1
 	[squeeze] - logrotate <no-dsa> (Minor issue)
@@ -11632,8 +11632,8 @@ CVE-2011-1003 (Double free vulnerability in the vba_read_project_strings functio
 	- clamav 0.97+dfsg-1 (low)
 	[squeeze] - clamav 0.97+dfsg-2~squeeze1 (bug #617444)
 	[lenny] - clamav <end-of-life>
-	NOTE: https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2486
-	NOTE: http://git.clamav.net/gitweb?p=clamav-devel.git;a=commit;h=d21fb8d975f8c9688894a8cef4d50d977022e09f
+	NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=2486
+	NOTE: http://web.archive.org/web/20110304224953/http://git.clamav.net:80/gitweb?p=clamav-devel.git;a=commit;h=d21fb8d975f8c9688894a8cef4d50d977022e09f
 CVE-2011-1002 (avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows ...)
 	{DSA-2174-1}
 	- avahi 0.6.28-4 (bug #614785)
@@ -12379,7 +12379,7 @@ CVE-2011-0725 (Absolute path traversal vulnerability in the ...)
 CVE-2011-0724 (The Live DVD for Edubuntu 9.10, 10.04 LTS, and 10.10 does not ...)
 	- italc <not-affected> (Only Edubuntu Live DVD affected)
 	NOTE: https://bugs.launchpad.net/ubuntu/+source/italc/+bug/714864
-	NOTE: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-February/001245.html
+	NOTE: http://web.archive.org/web/20140817234205/https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-February/001245.html
 CVE-2011-0723 (FFmpeg 0.5.x, as used in MPlayer and other products, allows remote ...)
 	{DSA-2306-1}
 	- libav 4:0.6-1
@@ -13132,8 +13132,7 @@ CVE-2011-0428
 	- ikiwiki 3.20110122
 	[squeeze] - ikiwiki 3.20100815.5
 	[lenny] - ikiwiki <not-affected> (Vulnerable code not present)
-	NOTE: http://ikiwiki.info/security/
-	NOTE: http://ikiwiki.info/news/version_3.20110122/
+	NOTE: https://ikiwiki.info/security/#index38h2
 CVE-2011-0427 (Heap-based buffer overflow in Tor before 0.2.1.29 and 0.2.2.x before ...)
 	{DSA-2148-1}
 	- tor 0.2.1.29-1
diff --git a/data/CVE/list.2012 b/data/CVE/list.2012
index 44a62686d0..8af76de21e 100644
--- a/data/CVE/list.2012
+++ b/data/CVE/list.2012
@@ -1513,12 +1513,12 @@ CVE-2012-6091
 CVE-2012-6090 (Multiple stack-based buffer overflows in the expand function in ...)
 	- swi-prolog 5.10.4-5 (low; bug #697416)
 	[squeeze] - swi-prolog 5.10.1-1+squeeze1
-	NOTE: https://lists.iai.uni-bonn.de/pipermail/swi-prolog/2012/009428.html
+	NOTE: http://web.archive.org/web/20130309013536/http://web.archive.org/web/20130309013536/https://lists.iai.uni-bonn.de/pipermail/swi-prolog/2012/009428.html
 	NOTE: http://www.swi-prolog.org/git/pl.git/commitdiff/b2c88972e7515ada025e97e7d3ce3e34f81cf33e
 CVE-2012-6089 (Multiple stack-based buffer overflows in the canoniseFileName function ...)
 	- swi-prolog 5.10.4-5 (low; bug #697416)
 	[squeeze] - swi-prolog 5.10.1-1+squeeze1
-	NOTE: https://lists.iai.uni-bonn.de/pipermail/swi-prolog/2012/009428.html
+	NOTE: http://web.archive.org/web/20130309013536/http://web.archive.org/web/20130309013536/https://lists.iai.uni-bonn.de/pipermail/swi-prolog/2012/009428.html
 	NOTE: http://www.swi-prolog.org/git/pl.git/commitdiff/a9a6fc8a2a9cf3b9154b490a4b1ffaa8be4d723c
 CVE-2012-6088 (The rpmpkgRead function in lib/package.c in RPM 4.10.x before 4.10.2 ...)
 	- rpm 4.10.1-2.1 (bug #697375)
@@ -4439,9 +4439,9 @@ CVE-2012-4904 (Cross-application scripting vulnerability in Google Chrome before
 CVE-2012-4903 (Google Chrome before 18.0.1025308 on Android does not properly ...)
 	- chromium-browser <not-affected> (Chrome on Android)
 CVE-2012-4902 (Multiple cross-site request forgery (CSRF) vulnerabilities in Template ...)
-	NOT-FOR-US: Template CMS (http://template-cms.ru)
+	NOT-FOR-US: Template CMS ( http://template-cms.ru )
 CVE-2012-4901 (Cross-site scripting (XSS) vulnerability in Template CMS 2.1.1 and ...)
-	NOT-FOR-US: Template CMS (http://template-cms.ru)
+	NOT-FOR-US: Template CMS ( http://template-cms.ru )
 CVE-2012-4900
 	RESERVED
 CVE-2012-4899 (WellinTech KingView 6.5.3 and earlier uses a weak password-hashing ...)
@@ -5508,19 +5508,19 @@ CVE-2012-4442 (Monkey HTTP Daemon 0.9.3 retains the supplementary group IDs of t
 CVE-2012-4441 [jenkins XSS in CI game plugin]
 	RESERVED
 	- jenkins <not-affected> (Plugin not built in Debian source package)
-	NOTE: http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-09-17.cb
+	NOTE: http://web.archive.org/web/20130606043312/http://web.archive.org/web/20130606043312/http://web.archive.org/web/20130606043312/http://web.archive.org/web/20130606043312/http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-09-17.cb
 CVE-2012-4440 [jenkins XSS in Violations plugin]
 	RESERVED
 	- jenkins <not-affected> (Plugin not built in Debian source package)
-	NOTE: http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-09-17.cb
+	NOTE: http://web.archive.org/web/20130606043312/http://web.archive.org/web/20130606043312/http://web.archive.org/web/20130606043312/http://web.archive.org/web/20130606043312/http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-09-17.cb
 CVE-2012-4439 [jenkins XSS]
 	RESERVED
 	- jenkins 1.447.2+dfsg-2 (bug #688298)
-	NOTE: http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-09-17.cb
+	NOTE: http://web.archive.org/web/20130606043312/http://web.archive.org/web/20130606043312/http://web.archive.org/web/20130606043312/http://web.archive.org/web/20130606043312/http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-09-17.cb
 CVE-2012-4438 [jenkins remote code execution]
 	RESERVED
 	- jenkins 1.447.2+dfsg-2 (bug #688298)
-	NOTE: http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-09-17.cb
+	NOTE: http://web.archive.org/web/20130606043312/http://web.archive.org/web/20130606043312/http://web.archive.org/web/20130606043312/http://web.archive.org/web/20130606043312/http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-09-17.cb
 CVE-2012-4437 (Cross-site scripting (XSS) vulnerability in the SmartyException class ...)
 	- smarty3 3.1.10-2 (bug #688153)
 	- smarty <removed> (bug #702710)
@@ -5676,7 +5676,7 @@ CVE-2012-4400 (repository/repository_ajax.php in Moodle 2.2.x before 2.2.5 and 2
 CVE-2012-4399 (The Xml class in CakePHP 2.1.x before 2.1.5 and 2.2.x before 2.2.1 ...)
 	- cakephp <not-affected> (Does not affect 1.3)
 	NOTE: http://seclists.org/bugtraq/2012/Jul/101
-	NOTE: http://bakery.cakephp.org/articles/markstory/2012/07/14/security_release_-_cakephp_2_1_5_2_2_1
+	NOTE: http://web.archive.org/web/20140822011643/http://bakery.cakephp.org:80/articles/markstory/2012/07/14/security_release_-_cakephp_2_1_5_2_2_1
 CVE-2012-4398 (The __request_module function in kernel/kmod.c in the Linux kernel ...)
 	- linux 3.2.35-1 (low)
 	- linux-2.6 <removed>
@@ -10853,13 +10853,13 @@ CVE-2012-2333 (Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j,
 CVE-2012-2332 (SQL injection vulnerability in serendipity/serendipity_admin.php in ...)
 	- serendipity <removed> (bug #671937; low)
 	[squeeze] - serendipity <no-dsa> (Minor issue)
-	NOTE: http://www.koramis.com/advisories/2012/KORAMIS-ADV2012-001.txt
+	NOTE: http://web.archive.org/web/20120527103654/http://www.koramis.com:80/advisories/2012/KORAMIS-ADV2012-001.txt
 	NOTE: http://blog.s9y.org/archives/240-Serendipity-1.6.1-released.html
 	NOTE: CVE id requested http://seclists.org/oss-sec/2012/q2/276
 CVE-2012-2331 (Cross-site scripting (XSS) vulnerability in ...)
 	- serendipity <removed> (bug #671937; low)
 	[squeeze] - serendipity <no-dsa> (Minor issue)
-	NOTE: http://www.koramis.com/advisories/2012/KORAMIS-ADV2012-001.txt
+	NOTE: http://web.archive.org/web/20120527103654/http://www.koramis.com:80/advisories/2012/KORAMIS-ADV2012-001.txt
 	NOTE: http://blog.s9y.org/archives/240-Serendipity-1.6.1-released.html
 	NOTE: CVE id requested http://seclists.org/oss-sec/2012/q2/276
 CVE-2012-2330 (The Update method in src/node_http_parser.cc in Node.js before 0.6.17 ...)
diff --git a/data/CVE/list.2013 b/data/CVE/list.2013
index 528a8aecc2..7ecc099d45 100644
--- a/data/CVE/list.2013
+++ b/data/CVE/list.2013
@@ -477,7 +477,7 @@ CVE-2013-XXXX [staden-io-lib buffer overflow]
 	[wheezy] - staden-io-lib <no-dsa> (Minor issue)
 CVE-2013-XXXX [cakephp: local file inclusion]
 	- cakephp <not-affected> (AssetDispatcher not present in 1.3)
-	NOTE: http://bakery.cakephp.org/articles/markstory/2013/07/18/cakephp_2_3_8_2_2_9_released
+	NOTE: http://web.archive.org/web/20140531064939/http://bakery.cakephp.org:80/articles/markstory/2013/07/18/cakephp_2_3_8_2_2_9_released
 	NOTE: http://seclists.org/bugtraq/2013/Aug/97, needs a CVE assignment
 CVE-2013-XXXX [automysqlbackup code injection]
 	- automysqlbackup 2.6+debian.3-1 (bug #706099)
@@ -3610,7 +3610,7 @@ CVE-2013-6172 (steps/utils/save_pref.inc in Roundcube webmail before 0.8.7 and 0
 	{DSA-2787-1}
 	- roundcube 0.9.4-1.1 (bug #727668)
 	[squeeze] - roundcube <not-affected> (Vulnerable code not present)
-	NOTE: http://roundcube.net/news/2013/10/21/security-updates-095-and-087/
+	NOTE: http://web.archive.org/web/20160304042345/http://roundcube.net/news/2013/10/21/security-updates-095-and-087/
 	NOTE: http://trac.roundcube.net/ticket/1489382
 CVE-2013-6171 (checkpassword-reply in Dovecot before 2.2.7 performs setuid operations ...)
 	- dovecot 1:2.2.9-1 (low; bug #729063)
@@ -4868,8 +4868,8 @@ CVE-2013-5645 (Multiple cross-site scripting (XSS) vulnerabilities in Roundcube
 	- roundcube 0.9.4-1 (bug #721592)
 	[wheezy] - roundcube <no-dsa> (Minor issue)
 	[squeeze] - roundcube <no-dsa> (Minor issue)
-	NOTE: http://trac.roundcube.net/changeset/93b0a30c1c8aa29d862b587b31e52bcc344b8d16/github
-	NOTE: http://trac.roundcube.net/changeset/ce5a6496fd6039962ba7424d153278e41ae8761b/github
+	NOTE: http://web.archive.org/web/20160311164159/http://trac.roundcube.net/changeset/93b0a30c1c8aa29d862b587b31e52bcc344b8d16/github
+	NOTE: http://web.archive.org/web/20160311132902/http://trac.roundcube.net/changeset/ce5a6496fd6039962ba7424d153278e41ae8761b/github
 	NOTE: http://trac.roundcube.net/ticket/1489251
 CVE-2013-5644
 	RESERVED
@@ -6982,7 +6982,7 @@ CVE-2013-4717 [SQL injection]
 	RESERVED
 	{DSA-2733-1}
 	- otrs2 3.2.9-1
-	NOTE: http://www.otrs.com/en/open-source/community-news/security-advisories/security-advisory-2013-05/
+	NOTE: http://web.archive.org/web/20131023033811/http://www.otrs.com:80/en/open-source/community-news/security-advisories/security-advisory-2013-05/
 CVE-2013-4716 (Cross-site scripting (XSS) vulnerability in Tattyan HP TOWN 5_9_3 and ...)
 	NOT-FOR-US: Tattyan HP TOWN
 CVE-2013-4715 (SQL injection vulnerability in Tiki Wiki CMS Groupware 6 LTS before ...)
@@ -9113,7 +9113,7 @@ CVE-2013-4088 [Information Disclosure]
 	- otrs2 3.2.8-1
 	[squeeze] - otrs2 2.4.9+dfsg1-3+squeeze4
 	NOTE: DSA-2733-1
-	NOTE: http://www.otrs.com/en/open-source/community-news/security-advisories/security-advisory-2013-04/
+	NOTE: http://web.archive.org/web/20130827134500/http://www.otrs.com:80/en/open-source/community-news/security-advisories/security-advisory-2013-04/
 CVE-2013-4087
 	RESERVED
 CVE-2013-4086
@@ -9930,7 +9930,6 @@ CVE-2013-3738
 CVE-2013-3843 (Stack-based buffer overflow in the mk_request_header_process function ...)
 	- monkey <removed>
 	[squeeze] - monkey <no-dsa> (Minor issue)
-	NOTE: http://bugs.monkey-project.com/ticket/182
 CVE-2013-3919 (resolver.c in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, ...)
 	- bind9 <not-affected> (vulnerable code not present)
 	NOTE: https://kb.isc.org/article/AA-00967
@@ -9969,7 +9968,6 @@ CVE-2013-3725
 CVE-2013-3724 (The mk_request_header_process function in mk_request.c in Monkey 1.1.1 ...)
 	- monkey <removed> (low)
 	[squeeze] - monkey <no-dsa> (Minor issue)
-	NOTE: http://bugs.monkey-project.com/ticket/181
 CVE-2013-3723
 	RESERVED
 CVE-2013-3722
@@ -10271,7 +10269,7 @@ CVE-2013-3587 [BREACH attack against HTTP compression]
 	RESERVED
 	NOTE: not something we can concretely fix somewhere
 	NOTE: mitigations must be done in webapps
-	NOTE: http://breachattack.com/
+	NOTE: http://web.archive.org/web/20160304210825/http://breachattack.com/
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=995168
 	NOTE: https://www.djangoproject.com/weblog/2013/aug/06/breach-and-django/
 	NOTE: https://www.mail-archive.com/dev@httpd.apache.org/msg57592.html
@@ -10428,7 +10426,7 @@ CVE-2013-3527 (Multiple SQL injection vulnerabilities in Vanilla Forums before .
 CVE-2013-3526 (Cross-site scripting (XSS) vulnerability in js/ta_loaded.js.php in the ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2013-3525 (** DISPUTED ** ...)
-	NOTE: http://blog.bestpractical.com/2013/04/on-our-security-policies.html
+	NOTE: http://web.archive.org/web/20151225141212/http://blog.bestpractical.com/2013/04/on-our-security-policies.html
 CVE-2013-3524 (SQL injection vulnerability in popupnewsitem/ in the Pop Up News ...)
 	NOT-FOR-US: phpVMS
 CVE-2013-3523 (SQL injection vulnerability in This HTML Is Simple (THIS) before 1.2.4 ...)
@@ -12541,7 +12539,7 @@ CVE-2013-2625
 	- otrs2 3.1.7+dfsg1-8
 	[squeeze] - otrs2 2.4.9+dfsg1-3+squeeze4
 	NOTE: DSA-2733-1
-	NOTE: http://www.otrs.com/en/open-source/community-news/security-advisories/security-advisory-2013-01/
+	NOTE: http://web.archive.org/web/20130716120019/http://www.otrs.com:80/en/open-source/community-news/security-advisories/security-advisory-2013-01/
 CVE-2013-2624
 	RESERVED
 CVE-2013-2623
@@ -13541,7 +13539,7 @@ CVE-2013-2255 [Inconsistent and non-validating HTTPS client]
 	[jessie] - nova <no-dsa> (Minor issue)
 	- quantum <unfixed>
 	[wheezy] - quantum <no-dsa> (Minor issue)
-	- swift <not-affected> (See https://bugs.launchpad.net/keystone/+bug/1188189/comments/5)
+	- swift <not-affected> (See https://bugs.launchpad.net/keystone/+bug/1188189/comments/5 )
 	NOTE: Fixes for keystone: https://review.openstack.org/#/c/76476/
 CVE-2013-2254 (The deepGetOrCreateNode function in ...)
 	NOT-FOR-US: Apache Sling
@@ -17852,7 +17850,6 @@ CVE-2013-0844 (Off-by-one error in the adpcm_decode_frame function in ...)
 	[squeeze] - ffmpeg <end-of-life> (Backports to 0.5.x not useful, too many checks missing)
 	- libav 6:9.10-1
 	NOTE: ffmpeg commit: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=f18c873ab5ee3c78d00fdcc2582b39c133faecb4
-	NOTE: libav commit: http://git.libav.org/?p=libav.git;a=commitdiff;h=12576afe206d35231ccd61f9033c5fdab6a11e08
 	NOTE: Fixed in 0.8.9
 CVE-2013-0843 (content/renderer/media/webrtc_audio_renderer.cc in Google Chrome ...)
 	- chromium-browser <not-affected> (MacOS-specific)
diff --git a/data/CVE/list.2014 b/data/CVE/list.2014
index 17a54c87e9..9fd711f9d4 100644
--- a/data/CVE/list.2014
+++ b/data/CVE/list.2014
@@ -743,7 +743,7 @@ CVE-2014-9601 (Pillow before 2.7.0 allows remote attackers to cause a denial of
 	[wheezy] - python-imaging <no-dsa> (Minor issue)
 	[squeeze] - python-imaging <no-dsa> (Minor issue)
 	NOTE: https://github.com/python-pillow/Pillow/commit/b3e09122e527ae554eb590741bbd7611d5710e40
-	NOTE: http://pillow.readthedocs.org/releasenotes/2.7.0.html#png-text-chunk-size-limits
+	NOTE: http://web.archive.org/web/20150921104441/http://pillow.readthedocs.org:80/releasenotes/2.7.0.html#png-text-chunk-size-limits
 CVE-2014-9600 (Untrusted search path vulnerability in Macroplant iExplorer 3.6.3.0 ...)
 	NOT-FOR-US: Macroplant iExplorer
 CVE-2014-9599 (Cross-site scripting (XSS) vulnerability in the filemanager in ...)
@@ -2427,7 +2427,7 @@ CVE-2014-8104 (OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x b
 	{DSA-3084-1 DLA-98-1}
 	- openvpn 2.3.4-5
 	NOTE: https://github.com/OpenVPN/openvpn/commit/c5590a6821e37f3b29735f55eb0c2b9c0924138c
-	NOTE: https://forums.openvpn.net/topic17625.html
+	NOTE: http://web.archive.org/web/20150514123219/https://forums.openvpn.net/topic17625.html
 CVE-2014-9272 (The string_insert_href function in MantisBT 1.2.0a1 through 1.2.x ...)
 	{DSA-3120-1}
 	- mantis <removed>
@@ -3571,6 +3571,7 @@ CVE-2014-8716 [crafted jpeg file could lead to DOS]
 	[squeeze] - imagemagick <no-dsa> (Minor issue)
 	NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26456
 	NOTE: Patch here: http://trac.imagemagick.org/changeset/16872
+	TODO: The link in the previous line is broken. Please, consider replacing it. Error: Name or service not known
 CVE-2014-8714 (The dissect_write_structured_field function in ...)
 	{DSA-3076-1 DLA-198-1}
 	- wireshark 1.12.1+g01b65bf-2 (bug #769410)
@@ -3943,6 +3944,7 @@ CVE-2014-8355 [buffer overflow in PCX parser]
 	[wheezy] - imagemagick <no-dsa> (Minor issue)
 	[squeeze] - imagemagick <no-dsa> (Minor issue)
 	NOTE: Upstream commit: http://trac.imagemagick.org/changeset/16773 (imagemagick)
+	TODO: The link in the previous line is broken. Please, consider replacing it. Error: Name or service not known
 	NOTE: https://int21.de/cve/CVE-2014-8355-pcx-oob-heap-overflow.html
 	- graphicsmagick 1.3.20-3+deb8u1 (bug #778238)
 	[wheezy] - graphicsmagick <no-dsa> (Minor issue)
@@ -3955,7 +3957,7 @@ CVE-2014-8562 [buffer overflow in DCM parser]
 	[wheezy] - imagemagick <no-dsa> (Minor issue)
 	[squeeze] - imagemagick <no-dsa> (Minor issue)
 	NOTE: Upstream patch: http://trac.imagemagick.org/changeset/16795
-	NOTE: https://int21.de/cve/CVE-2014-8562-dcm-oob-heap-overflow.html
+	TODO: The link in the previous line is broken. Please, consider replacing it. Error: Name or service not known
 CVE-2014-8354 [out-of-bounds memory access in resize code]
 	RESERVED
 	{DLA-242-1}
@@ -3964,6 +3966,7 @@ CVE-2014-8354 [out-of-bounds memory access in resize code]
 	[squeeze] - imagemagick <no-dsa> (Minor issue)
 	NOTE: https://int21.de/cve/CVE-2014-8354-oob-heap-overflow.html
 	NOTE: Upstream commit: http://trac.imagemagick.org/changeset/16765
+	TODO: The link in the previous line is broken. Please, consider replacing it. Error: Name or service not known
 CVE-2014-8561 [Remotely DOS: convert +profile regression enters infinite loop exhausting memory]
 	RESERVED
 	- imagemagick 8:6.8.9.9-1 (bug #764872)
@@ -13044,7 +13047,7 @@ CVE-2014-4909 (Integer overflow in the tr_bitfieldEnsureNthBitAlloced function i
 	- transmission 2.84-0.1 (bug #755985)
 	[squeeze] - transmission <not-affected> (Vulnerable code not present)
 	NOTE: http://trac.transmissionbt.com/wiki/Changes#version-2.84
-	NOTE: PoC: http://inertiawar.com/submission.go
+	NOTE: PoC: http://web.archive.org/web/20140815000641/http://inertiawar.com:80/submission.go
 CVE-2014-4723 (Cross-site scripting (XSS) vulnerability in the Easy Banners plugin ...)
 	NOT-FOR-US: WordPress plugin Easy Banners
 CVE-2014-4724 (Cross-site scripting (XSS) vulnerability in the Custom Banners plugin ...)
@@ -18997,7 +19000,7 @@ CVE-2014-2497 (The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in
 	[wheezy] - php5 <not-affected> (imagecreatefromxpm function not in used gd extension)
 	[squeeze] - php5 <not-affected> (imagecreatefromxpm function not in used gd extension)
 	- libgd2 2.1.0-4 (low; bug #744719)
-	NOTE: http://net-ninja-mr.me/2014/03/14/php-gd-v5-4-17-2-color-visual-null-pointer-dereference/
+	NOTE: http://web.archive.org/web/20150221193227/http://net-ninja-mr.me/2014/03/14/php-gd-v5-4-17-2-color-visual-null-pointer-dereference/
 CVE-2014-2496 (Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools ...)
 	NOT-FOR-US: Oracle
 CVE-2014-2495 (Unspecified vulnerability in the PeopleSoft Enterprise SCM Purchasing ...)
@@ -20383,6 +20386,7 @@ CVE-2014-2030
 	[squeeze] - imagemagick <not-affected> (CVE only for versions with r1448 applied)
 	NOTE: for the issue in newer imagemagick versions using "L%06ld" string.
 	NOTE: http://trac.imagemagick.org/changeset/1448
+	TODO: The link in the previous line is broken. Please, consider replacing it. Error: Name or service not known
 CVE-2014-2029 [remote code execution / information leak]
 	RESERVED
 	- percona-toolkit 2.2.7-1~dfsg1 (bug #740846)
@@ -20413,6 +20417,7 @@ CVE-2014-1958 [PSD Images Processing RLE Decoding Buffer Overflow Vulnerability]
 	NOTE: squeeze: DecodePSDPixels not present but there was a rewrite from DecodeImage?
 	NOTE: http://secunia.com/advisories/56844/
 	NOTE: http://trac.imagemagick.org/changeset/14801
+	TODO: The link in the previous line is broken. Please, consider replacing it. Error: Name or service not known
 CVE-2014-1950 (Use-after-free vulnerability in the xc_cpupool_getinfo function in Xen ...)
 	{DSA-3006-1}
 	- xen 4.4.0-1
@@ -20434,7 +20439,7 @@ CVE-2014-1947 [Buffer overflow vulnerability]
 	RESERVED
 	{DSA-2898-1}
 	- imagemagick 8:6.7.7.10+dfsg-1 (bug #740250)
-	NOTE: http://trac.imagemagick.org/changeset/13736
+	NOTE: http://web.archive.org/web/20090120112751/http://trac.imagemagick.org:80/changeset/13736
 	- graphicsmagick 1.3.20-1 (unimportant)
 	NOTE: for graphicsmagick: https://bugzilla.redhat.com/show_bug.cgi?id=1064098#c13
 	NOTE: Rendered non-exploitable by fortified source for graphicsmagick
diff --git a/data/CVE/list.2015 b/data/CVE/list.2015
index c814036f16..e54ec1647e 100644
--- a/data/CVE/list.2015
+++ b/data/CVE/list.2015
@@ -260,16 +260,16 @@ CVE-2015-8794 (Absolute path traversal vulnerability in ...)
 	[wheezy] - roundcube <not-affected> (Vulnerable code not present)
 	[squeeze] - roundcube <not-affected> (Vulnerable code not present)
 	NOTE: http://www.scip.ch/en/?vuldb.80732
-	NOTE: https://roundcube.net/news/2015/06/05/updates-1.1.2-and-1.0.6-released/
+	NOTE: http://web.archive.org/web/20160329044745/http://roundcube.net/news/2015/06/05/updates-1.1.2-and-1.0.6-released
 	NOTE: http://trac.roundcube.net/ticket/1490379
 CVE-2015-8793 (Cross-site scripting (XSS) vulnerability in program/include/rcmail.php ...)
 	- roundcube 1.1.2+dfsg.1-1
 	[wheezy] - roundcube <not-affected> (Vulnerable code not present)
 	[squeeze] - roundcube <not-affected> (Vulnerable code not present)
-	NOTE: https://roundcube.net/news/2015/06/05/updates-1.1.2-and-1.0.6-released/
+	NOTE: http://web.archive.org/web/20160329044745/http://roundcube.net/news/2015/06/05/updates-1.1.2-and-1.0.6-released
 	NOTE: http://www.scip.ch/en/?vuldb.80731
 	NOTE: http://trac.roundcube.net/ticket/1490417 - mentions 1.0 not vulnerable, verified code not present in squeeze
-	NOTE: http://trac.roundcube.net/changeset/b782815dac/github
+	NOTE: http://web.archive.org/web/20150627125240/http://trac.roundcube.net:80/changeset/b782815dac/github
 CVE-2015-8791 (The EbmlElement::ReadCodedSizeValue function in libEBML before 1.3.3 ...)
 	{DSA-3538-1 DLA-438-1}
 	- libebml 1.3.3-1
@@ -408,7 +408,7 @@ CVE-2015-8771 [Possibility of code injection when setting passwords for Samba]
 CVE-2015-8770 (Directory traversal vulnerability in the set_skin function in ...)
 	{DSA-3541-1 DLA-392-1}
 	- roundcube 1.1.4+dfsg.1-1
-	NOTE: https://roundcube.net/news/2015/12/26/updates-1.1.4-and-1.0.8-released/
+	NOTE: http://web.archive.org/web/20160329044421/http://roundcube.net/news/2015/12/26/updates-1.1.4-and-1.0.8-released
 	NOTE: https://github.com/roundcube/roundcubemail/commit/10e5192a2b1bc90ec137f5e69d0aa072c1210d6d
 CVE-2015-8769 (SQL injection vulnerability in Joomla! 3.x before 3.4.7 allows ...)
 	- joomla <itp> (bug #571794)
@@ -453,7 +453,7 @@ CVE-2015-XXXX [use after free / double free]
 	[wheezy] - lighttpd <not-affected> (Regression introduced in 1.4.36)
 	[squeeze] - lighttpd <not-affected> (Regression introduced in 1.4.36)
 	NOTE: http://redmine.lighttpd.net/issues/2700
-	NOTE: Introduced in 1.4.36: http://redmine.lighttpd.net/projects/lighttpd/repository/revisions/2976
+	NOTE: Introduced in 1.4.36: http://web.archive.org/web/20150906061055/http://redmine.lighttpd.net/projects/lighttpd/repository/revisions/2976
 CVE-2015-8764 [one byte buffer overrun]
 	RESERVED
 	- freeradius <not-affected> (Affects 3.0 up to 3.0.8)
@@ -2712,6 +2712,7 @@ CVE-2015-8105 (Cross-site scripting (XSS) vulnerability in program/js/app.js in
 	[squeeze] - roundcube <not-affected> (Vulnerable code not present)
 	NOTE: http://trac.roundcube.net/ticket/1490530
 	NOTE: http://trac.roundcube.net/changeset/dd7db2179/github
+	TODO: The link in the previous line is broken. Please, consider replacing it. Error: 404
 CVE-2015-XXXX [directory traversal in servefile]
 	- servefile 0.4.4-1
 	[jessie] - servefile <no-dsa> (Minor issue)
@@ -3070,6 +3071,7 @@ CVE-2015-XXXX [buffer overflow with handling pop3_deleted_flag setting]
 	[wheezy] - dovecot <not-affected> (Bug with pop3_deleted_flag introduced in 2.2.10)
 	[squeeze] - dovecot <not-affected> (Bug with pop3_deleted_flag introduced in 2.2.10)
 	NOTE: http://hg.dovecot.org/dovecot-2.2/rev/05e0700daea3
+	TODO: The link in the previous line is broken. Please, consider replacing it. Error: 404
 CVE-2015-8019 [Buffer overflow when copying data from skbuff to userspace]
 	RESERVED
 	- linux <not-affected> (Vulnerable code not present)
@@ -6482,7 +6484,7 @@ CVE-2015-6817 [authentication bypass]
 	[jessie] - pgbouncer <not-affected> (Introduced in 1.6)
 	[wheezy] - pgbouncer <not-affected> (Introduced in 1.6)
 	[squeeze] - pgbouncer <not-affected> (Introduced in 1.6)
-	NOTE: https://pgbouncer.github.io/2015/09/pgbouncer-1-6-1/
+	NOTE: http://web.archive.org/web/20150905195759/http://pgbouncer.github.io/2015/09/pgbouncer-1-6-1/
 	NOTE: https://github.com/pgbouncer/pgbouncer/issues/69
 	NOTE: http://www.openwall.com/lists/oss-security/2015/09/04/3
 CVE-2015-XXXX [val_dane_check: usage DANE-TA(2) may bypass cert validation entirely]
@@ -15792,13 +15794,13 @@ CVE-2015-3420 [SSL/TLS handshake failures leading to a crash of the login proces
 	[wheezy] - dovecot <not-affected> (Problematic patch introducing the issue not applied)
 	[squeeze] - dovecot <not-affected> (Vulnerable code not present & not reproducible)
 	NOTE: http://www.openwall.com/lists/oss-security/2015/04/26/3
-	NOTE: Patch: http://hg.dovecot.org/dovecot-2.2/rev/86f535375750
+	NOTE: Patch: http://web.archive.org/web/20150907231530/http://hg.dovecot.org/dovecot-2.2/rev/86f535375750
 	NOTE: Segfault reproducible if using openssl/1.0.2a-1 from sid.
 	NOTE: http://dovecot.org/pipermail/dovecot/2015-April/100579.html
 	NOTE: It is openssl crashing but because dovecot ignores an erlier
 	NOTE: returned error from dovecot, related to openssl bug:
 	NOTE: https://rt.openssl.org/Ticket/Display.html?id=3818&user=guest&pass=guest
-	NOTE: Possibly introduced due to http://hg.dovecot.org/dovecot-2.2/rev/09d3c9c6f0ad
+	NOTE: Possibly introduced due to http://web.archive.org/web/20150121182933/http://hg.dovecot.org:80/dovecot-2.2/rev/09d3c9c6f0ad
 CVE-2015-3440 (Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in ...)
 	{DSA-3250-1 DLA-236-1}
 	- wordpress 4.2.1+dfsg-1 (bug #783554)
@@ -16367,6 +16369,7 @@ CVE-2015-3239 (Off-by-one error in the dwarf_to_unw_regnum function in ...)
 	[jessie] - libunwind <no-dsa> (Minor issue)
 	[wheezy] - libunwind <no-dsa> (Minor issue)
 	NOTE: http://savannah.nongnu.org/bugs/?45276
+	TODO: The link in the previous line is broken. Please, consider replacing it. Error: 404
 	NOTE: http://git.savannah.gnu.org/cgit/libunwind.git/commit/?id=396b6c7ab737e2bff244d640601c436a26260ca1
 CVE-2015-3238 (The _unix_run_helper_binary function in the pam_unix module in ...)
 	- pam 1.1.8-3.2 (bug #789986)
@@ -16577,7 +16580,7 @@ CVE-2015-3203 (Unrestricted file upload vulnerability in h5ai before 0.25.0 allo
 CVE-2015-3202 (fusermount in FUSE before 2.9.3-15 does not properly clear the ...)
 	{DSA-3268-2 DSA-3268-1 DSA-3266-1 DLA-238-1 DLA-226-2 DLA-226-1}
 	- fuse 2.9.3-16 (bug #786439)
-	NOTE: Upstream fix: http://sourceforge.net/p/fuse/fuse/ci/fe2d96/
+	NOTE: Upstream fix: http://web.archive.org/web/20150529051222/http://sourceforge.net:80/p/fuse/fuse/ci/fe2d96
 	- ntfs-3g 1:2014.2.15AR.3-3 (bug #786475)
 	NOTE: ntfs-3g source wise affected but wheezy version uses --with-fuse=external
 	NOTE: ntfs-3g is built with internal copy since 1:2013.1.13AR.3-2
@@ -16648,7 +16651,7 @@ CVE-2015-3185 (The ap_some_auth_required function in server/request.c in the Apa
 	[wheezy] - apache2 <not-affected> (Bug introduced during 2.4 development)
 	[squeeze] - apache2 <not-affected> (Bug introduced during 2.4 development)
 	NOTE: https://www.apache.org/dist/httpd/Announcement2.4.txt
-	NOTE: https://www.apache.org/dist/httpd/CHANGES_2.4.16
+	NOTE: http://web.archive.org/web/20150918024815/http://www.apache.org:80/dist/httpd/CHANGES_2.4.16
 	NOTE: http://svn.apache.org/viewvc?view=revision&revision=1684525
 	NOTE: Behavior changed in 2.4.x refactoring, API no longer usable in 2.4.x
 CVE-2015-3184 (mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x ...)
@@ -16663,7 +16666,7 @@ CVE-2015-3183 (The chunked transfer coding implementation in the Apache HTTP Ser
 	{DSA-3325-1 DLA-284-1}
 	- apache2 2.4.16-1
 	NOTE: https://www.apache.org/dist/httpd/Announcement2.4.txt
-	NOTE: https://www.apache.org/dist/httpd/CHANGES_2.4.16
+	NOTE: http://web.archive.org/web/20150918024815/http://www.apache.org:80/dist/httpd/CHANGES_2.4.16
 	NOTE: http://svn.apache.org/viewvc?view=revision&revision=1684515
 	NOTE: http://svn.apache.org/viewvc?view=revision&revision=1687338 (2.2.x)
 	NOTE: http://svn.apache.org/viewvc?view=revision&revision=1687339 (2.2.x)
@@ -19289,7 +19292,7 @@ CVE-2015-XXXX [denial of service flaw in VICAR file processing]
 	[squeeze] - imagemagick <no-dsa> (Minor issue)
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/20/4
 	NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26933
-	NOTE: http://trac.imagemagick.org/changeset/17856
+	NOTE: http://web.archive.org/web/20150428140926/http://trac.imagemagick.org/changeset/17856
 CVE-2015-XXXX [denial of service flaw in PDB file processing]
 	[experimental] - imagemagick 8:6.9.1.2-1
 	- imagemagick 8:6.8.9.9-6 (low)
@@ -19298,7 +19301,7 @@ CVE-2015-XXXX [denial of service flaw in PDB file processing]
 	[squeeze] - imagemagick <no-dsa> (Minor issue)
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/20/4
 	NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26932
-	NOTE: http://trac.imagemagick.org/changeset/17855
+	NOTE: http://web.archive.org/web/20150428145652/http://trac.imagemagick.org/changeset/17855
 CVE-2015-XXXX [denial of service flaw in MIFF file processing]
 	[experimental] - imagemagick 8:6.9.1.2-1
 	- imagemagick 8:6.8.9.9-6
@@ -19308,6 +19311,7 @@ CVE-2015-XXXX [denial of service flaw in MIFF file processing]
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/20/4
 	NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26931
 	NOTE: http://trac.imagemagick.org/changeset/17854
+	TODO: The link in the previous line is broken. Please, consider replacing it. Error: Name or service not known
 CVE-2015-XXXX [denial of service flaw in HDR file processing]
 	[experimental] - imagemagick 8:6.9.1.2-1
 	- imagemagick 8:6.8.9.9-6
@@ -19316,8 +19320,8 @@ CVE-2015-XXXX [denial of service flaw in HDR file processing]
 	[squeeze] - imagemagick <no-dsa> (Minor issue)
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/20/4
 	NOTE: http://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=26929
-	NOTE: http://trac.imagemagick.org/changeset/17845
-	NOTE: http://trac.imagemagick.org/changeset/17846
+	NOTE: http://web.archive.org/web/20150501030131/http://trac.imagemagick.org/changeset/17845
+	NOTE: http://web.archive.org/web/20150429001241/http://trac.imagemagick.org/changeset/17846
 CVE-2015-XXXX [Incomplete fix for CVE-2014-7940]
 	- icu 52.1-8 (bug #780503)
 	[wheezy] - icu <not-affected> (Incomplete patch was never applied)
@@ -19698,7 +19702,7 @@ CVE-2015-2156
 	[squeeze] - netty <no-dsa> (Minor issue)
 	NOTE: http://netty.io/news/2015/05/08/3-9-8-Final-and-3.html
 	NOTE: https://www.playframework.com/security/vulnerability/CVE-2015-2156-HttpOnlyBypass
-	NOTE: http://engineering.linkedin.com/security/look-netty%E2%80%99s-recent-security-update-cve%C2%AD-2015%C2%AD-2156
+	NOTE: http://web.archive.org/web/20150925094949/http://engineering.linkedin.com/security/look-netty%E2%80%99s-recent-security-update-cve%C2%AD-2015%C2%AD-2156
 	NOTE: https://github.com/slandelle/netty/commit/800555417e77029dcf8a31d7de44f27b5a8f79b8
 CVE-2015-2155 (The force printer in tcpdump before 4.7.2 allows remote attackers to ...)
 	{DSA-3193-1 DLA-174-1}
@@ -19856,7 +19860,7 @@ CVE-2015-XXXX [MATTA-2015-002: Enforce acceptable range for Diffie-Hellman serve
 	[squeeze] - putty 0.60+2010-02-20-1+squeeze3
 	NOTE: temporary workaround until CVE assigned to explitly tag for wheezy+squeeze
 	NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/02/27/4
-	NOTE: https://www.trustmatta.com/advisories/MATTA-2015-002.txt (not yet published)
+	NOTE: http://advisories.mageia.org/MGASA-2015-0098.html
 CVE-2015-2172 (DokuWiki before 2014-05-05d and before 2014-09-29c does not properly ...)
 	- dokuwiki 0.0.20140929.d-1 (bug #779547)
 	[jessie] - dokuwiki 0.0.20140505.a+dfsg-4
@@ -23552,6 +23556,7 @@ CVE-2015-0839 [hp-plugin binary driver verification]
 	[squeeze] - hplip <no-dsa> (Minor issue)
 	NOTE: http://seclists.org/oss-sec/2015/q2/581
 	NOTE: https://bugs.launchpad.net/bugs/1432516
+	TODO: The link in the previous line is broken. Please, consider replacing it. Error: 404
 CVE-2015-0838 (Buffer overflow in the C implementation of the apply_delta function in ...)
 	{DSA-3206-1 DLA-231-1}
 	- dulwich 0.10.1-1 (bug #780958)
diff --git a/data/CVE/list.2016 b/data/CVE/list.2016
index d662703017..83a6405c7e 100644
--- a/data/CVE/list.2016
+++ b/data/CVE/list.2016
@@ -4647,12 +4647,14 @@ CVE-2016-2224 [denial of service while parsing compressed items]
 	- uclibc <unfixed> (unimportant)
 	NOTE: Just for cross-compiling, not used for actual packages
 	NOTE: http://repo.or.cz/uclibc-ng.git/commit/16719c1a7078421928e6d31dd1dec574825ef515
+	TODO: The link in the previous line is broken. Please, consider replacing it. Error: 404
 	NOTE: http://www.openwall.com/lists/oss-security/2016/02/05/2
 CVE-2016-2225 [crafted packet will make the parser terminate early]
 	RESERVED
 	- uclibc <unfixed> (unimportant)
 	NOTE: Just for cross-compiling, not used for actual packages
 	NOTE: http://repo.or.cz/uclibc-ng.git/commit/bb01edff0377f2585ce304ecbadcb7b6cde372ac
+	TODO: The link in the previous line is broken. Please, consider replacing it. Error: 404
 	NOTE: http://www.openwall.com/lists/oss-security/2016/02/05/2
 CVE-2016-2216 (The HTTP header parsing code in Node.js 0.10.x before 0.10.42, 0.11.6 ...)
 	- nodejs 4.3.0~dfsg-1 (unimportant)
author	Luciano Bello <luciano@debian.org>	2016-04-14 20:16:46 +0000
committer	Luciano Bello <luciano@debian.org>	2016-04-14 20:16:46 +0000
commit	94101df1de214ba19697926bc95d858dc1e0f383 (patch)
tree	6dfba6ec812dc89b629a5812081687de3898265a /data/CVE
parent	57f23c3f564d22120467e0232722549dd76c873f (diff)