Date: Wed, 27 Jun 2018 07:58:05 -0400 From: Alex Gaynor <alex.gaynor@...il.com> To: oss-security@...ts.openwall.com Subject: Re: CVE for PyYAML RCE-factory API Thanks -- this issue was assigned CVE-2017-18342. Alex On Tue, Jun 26, 2018 at 11:32 PM Seth Arnold <seth.arnold@...onical.com> wrote: > On Tue, Jun 26, 2018 at 09:18:39PM -0400, Alex Gaynor wrote: > > Because of the degree to which this API presented a footgun, I would like > > to request a CVE for it. > > This makes sense to me. You can make CVE requests on: > > https://cveform.mitre.org/ > > Thanks > -- "I disapprove of what you say, but I will defend to the death your right to say it." -- Evelyn Beatrice Hall (summarizing Voltaire) "The people's good is the highest law." -- Cicero GPG Key fingerprint: D1B3 ADC0 E023 8CA6
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ