Date: Wed, 19 Jul 2017 20:37:08 -0600 From: Kurt Seifried <kseifried@...hat.com> To: oss-security <oss-security@...ts.openwall.com> Cc: Matthew Daley <mattd@...fuzz.com>, Kurt Seifried <kurt@...fried.org> Subject: Re: Re: ATutor CVE-2017-1000002, CVE-2017-1000003, CVE-2017-1000004 Feel free to modify it and submit a pull request! https://github.com/distributedweaknessfiling/DWF-CVE-Database/tree/master/2017/1000xxx also I submit the dwf data to mitre but we're having some teething problems. On Wed, Jul 19, 2017 at 6:59 AM, Henri Salo <henri@...v.fi> wrote: > On Wed, Jul 19, 2017 at 11:37:28PM +1200, Matthew Daley wrote: > > On 17 July 2017 at 00:01, Henri Salo <henri@...v.fi> wrote: > > > Is this assigment somehow related to this oss-security post? > > > http://www.openwall.com/lists/oss-security/2016/07/01/3 > > > > Yes. > > Thanks for your reply and clearing this up. One of the points in my email > was > that this is not documented in the DWF item well enough. There is > description_data with value, but no referer to oss-security, which should > also > use those issue numbers. Should the assigner or requester post this > information > to oss-security aswell or is the point that DWF is followed via GitHub with > custom scripts? If someone makes a pull request to the item is the > information > populated to MITRE and NVD databases and how often? > > -- > Henri Salo > -- Kurt Seifried -- Red Hat -- Product Security -- Cloud PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 Red Hat Product Security contact: secalert@...hat.com
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ