Date: Tue, 29 Sep 2015 13:12:37 +0200 From: Andreas Stieger <astieger@...e.com> To: cve-assign@...re.org Cc: oss-security@...ts.openwall.com Subject: Re: Re: CVE request for wget Hello, On 09/25/2015 10:04 PM, cve-assign@...re.org wrote: > > https://mailman.boum.org/pipermail/tails-dev/2015-August/009370.html > > https://lists.gnu.org/archive/html/bug-wget/2015-08/msg00020.html > > > http://git.savannah.gnu.org/cgit/wget.git/commit/?id=075d7556964f5a871a73c22ac4b69f5361295099 > > We really don't understand what set of expectations led to this > becoming a CVE request for a vulnerability in wget. Possibly assignments for CWE-200 including CVE-2000-0649, CVE-2002-0422 relating to exposure if an internal IP address of a communication partner. The remaining points are noted. Andreas -- Andreas Stieger <astieger@...e.com> Project Manager Security SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg) Download attachment "signature.asc" of type "application/pgp-signature" (802 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ