[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: CVE-2017-10791 and others - Vendor Comments for Product GNU PSPP
|
From: |
Ben Pfaff |
|
Subject: |
Re: CVE-2017-10791 and others - Vendor Comments for Product GNU PSPP |
|
Date: |
Fri, 1 Sep 2017 07:43:26 -0700 |
|
User-agent: |
Mutt/1.5.23 (2014-03-12) |
I've now submitted requests to MITRE for updates.
On Thu, Aug 31, 2017 at 06:17:40PM +0000, Turner, Christopher A. (Ctr) wrote:
> Good afternoon,
>
> Thank you for contacting the NVD! While we are able to supply Vendor
> Comments, they will only appear on the NVD website entry for the CVE. If you
> are trying to have this type of information proliferated, a more preferable
> method would be to contact the CVE Assignment Team using the form at
> https://cveform.mitre.org/ . You should be able to have the reference links
> added to the official CVE Dictionary this way and could request the CVE
> description be updated to reflect the patched version as well. Once these
> changes are made to the CVE Dictionary, they would appear in the NVD database
> within 24 hours.
>
> To avoid having duplicate data on the CVE, would you be willing to contact
> the CVE assignment team before we dedicate to assigning Vendor Comments?
>
> V/r,
>
> Christopher Turner
> National Vulnerability Database
> address@hidden<mailto:address@hidden>
>
> From: Friedrich Beckmann [mailto:address@hidden
> Sent: Wednesday, August 30, 2017 2:47 AM
> To: nvd <address@hidden>
> Cc: Pspp-users <address@hidden>
> Subject: CVE-2017-10791 and others - Vendor Comments for Product GNU PSPP
>
> Dear Sirs,
>
> i am a maintainer for the GNU pspp product which is free open source software.
>
> See: https://savannah.gnu.org/project/memberlist.php?group=pspp
>
> I would like to ask you to include the following vendor comments for the
> following
> CVE’s
>
> CVE-2017-10791
> CVE-2017-10792
>
> This has been fixed in release 0.11.0. See:
> https://savannah.gnu.org/forum/forum.php?forum_id=8926
>
> CVE-2017-12958
> CVE-2017-12959
> CVE-2017-12960
> CVE-2017-12961
>
> This has been fixed in release 1.0.1. See:
> https://savannah.gnu.org/forum/forum.php?forum_id=8936
>
> Regards
>
> Friedrich Beckmann
>
> _______________________________________________
> Pspp-users mailing list
> address@hidden
> https://lists.gnu.org/mailman/listinfo/pspp-users
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- Re: CVE-2017-10791 and others - Vendor Comments for Product GNU PSPP,
Ben Pfaff <=