[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#850728: security-tracker: DSA-3756-1 vs. tracker

It is indeed valid. It is not uncommon for the mitre list to take some time to catch up. The CVE ids are blocked to various CNAs leading to the 5000s being currently assigned. 

The discussion where the the CVE is assigned is here:
http://www.openwall.com/lists/oss-security/2017/01/08/5

The ref for CVE ids and CNAs is here:
https://cve.mitre.org/cve/identifiers/index.html

--
Nicholas Luedtke
HPE Linux Security, Hewlett Packard Enterprise

-----Original Message-----
From: Francesco Poli [mailto:invernomuto@paranoici.org] 
Sent: Monday, January 09, 2017 11:14 AM
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#850728: security-tracker: DSA-3756-1 vs. tracker

Package: security-tracker
Severity: normal

Hello everyone!

DSA-3756-1 [1] claims to talk about CVE-2017-5208 [2], but the CVE official list seems to know nothing about it [3].
Actually, have *so many* vulnerabilities been already indexed in the just started year 2017 ?!?

Is this a typo? Which is the correct CVE number?
Please clarify and fix the tracker data, as appropriate.

Thanks for your time!

[1] https://lists.debian.org/debian-security-announce/2017/msg00006.html
[2] https://security-tracker.debian.org/tracker/CVE-2017-5208
[3] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5208
Reply to: