Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 27 Jun 2018 07:58:05 -0400
From: Alex Gaynor <alex.gaynor@...il.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE for PyYAML RCE-factory API

Thanks -- this issue was assigned CVE-2017-18342.

Alex

On Tue, Jun 26, 2018 at 11:32 PM Seth Arnold <seth.arnold@...onical.com>
wrote:

> On Tue, Jun 26, 2018 at 09:18:39PM -0400, Alex Gaynor wrote:
> > Because of the degree to which this API presented a footgun, I would like
> > to request a CVE for it.
>
> This makes sense to me. You can make CVE requests on:
>
> https://cveform.mitre.org/
>
> Thanks
>


-- 
"I disapprove of what you say, but I will defend to the death your right to
say it." -- Evelyn Beatrice Hall (summarizing Voltaire)
"The people's good is the highest law." -- Cicero
GPG Key fingerprint: D1B3 ADC0 E023 8CA6

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ