Web lists-archives.com

Re: CVE tracking




On 2018-04-13 11:58:32 +0200 (+0200), Daniel Stender wrote:
> I received an email towards CVE-2018-1000159 (on tlslite-ng) and
> was about filing a bug report against Debian BTS, but can't this
> CVE referenced neither in the NIST database nor in the lists
> provided at MITRE.
> 
> However it appears the CVE have been assigned:
> 
> <cut>
> { "CVE_data_meta": { "ASSIGNER": "kurt@xxxxxxxxxxxx",
> "DATE_ASSIGNED": "2018-04-06T14:09:26.582381", "DATE_REQUESTED":
> "2018-03-27T07:54:48", "ID": "CVE-2018-1000159", "REQUESTER":
> "hkario@xxxxxxxxxx" },
[...]
> Where to look for an online reference?

It looks like a CVE numbered in one of the ranges used by the DWF
project, which Kurt coordinates, but recent enough that is hasn't
been added here:

https://github.com/distributedweaknessfiling/cvelist/tree/master/2018/1000xxx

Odds are it'll show up there in the coming days (I don't know how
quickly he syncs in IDs he's assigned).
-- 
Jeremy Stanley

Attachment: signature.asc
Description: PGP signature