[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] Re: CVE request for wget
From:       Andreas Stieger <astieger () suse ! com>
Date:       2015-09-29 11:12:37
Message-ID: 560A7225.6020201 () suse ! com
[Download RAW message or body]


Hello,

On 09/25/2015 10:04 PM, cve-assign@mitre.org wrote:
> > https://mailman.boum.org/pipermail/tails-dev/2015-August/009370.html
> > https://lists.gnu.org/archive/html/bug-wget/2015-08/msg00020.html
> >
> http://git.savannah.gnu.org/cgit/wget.git/commit/?id=075d7556964f5a871a73c22ac4b69f5361295099
>
> We really don't understand what set of expectations led to this
> becoming a CVE request for a vulnerability in wget.

Possibly assignments for CWE-200 including CVE-2000-0649, CVE-2002-0422
relating to exposure if an internal IP address of a communication partner.

The remaining points are noted.

Andreas

-- 
Andreas Stieger <astieger@suse.com>
Project Manager Security
SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg)




["signature.asc" (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]