On 2018-04-13 11:58:32 +0200 (+0200), Daniel Stender wrote:
> I received an email towards CVE-2018-1000159 (on tlslite-ng) and
> was about filing a bug report against Debian BTS, but can't this
> CVE referenced neither in the NIST database nor in the lists
> provided at MITRE.
>
> However it appears the CVE have been assigned:
>
> <cut>
> { "CVE_data_meta": { "ASSIGNER": "kurt@seifried.org",
> "DATE_ASSIGNED": "2018-04-06T14:09:26.582381", "DATE_REQUESTED":
> "2018-03-27T07:54:48", "ID": "CVE-2018-1000159", "REQUESTER":
> "hkario@redhat.com" },
[...]
> Where to look for an online reference?
It looks like a CVE numbered in one of the ranges used by the DWF
project, which Kurt coordinates, but recent enough that is hasn't
been added here:
https://github.com/distributedweaknessfiling/cvelist/tree/master/2018/1000xxx
Odds are it'll show up there in the coming days (I don't know how
quickly he syncs in IDs he's assigned).
--
Jeremy Stanley
Attachment:
signature.asc
Description: PGP signature