oss-sec mailing list archives

Re: CVE for Kali Linux

From: Kurt Seifried <kseifried () redhat com>
Date: Sun, 22 Mar 2015 09:49:12 -0600



On 03/22/2015 05:04 AM, Florian Weimer wrote:

* Kurt Seifried:

So I guess we enter uncharted territory here.


No, this is pretty much the same as bug 998:


I meant from the CVE assignment perspective. This was back in 1999, it's
only recently (e.g. the last 6 months or so?) that we've moved the
security bar to:

downloads of updates via HTTP with no other protection == CVE

-- 
Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

Attachment: signature.asc
Description: OpenPGP digital signature

Current thread:

Re: CVE for Kali Linux, (continued)
- - - Re: CVE for Kali Linux Daniel Micay (Mar 21)
    - Re: CVE for Kali Linux Russ Allbery (Mar 21)
    - Re: CVE for Kali Linux Daniel Micay (Mar 21)
    - Re: CVE for Kali Linux Daniel Micay (Mar 21)
    - Re: CVE for Kali Linux Florian Weimer (Mar 22)
    - Re: CVE for Kali Linux Daniel Micay (Mar 22)
    - Re: CVE for Kali Linux Amos Jeffries (Mar 22)
    - Re: CVE for Kali Linux Daniel Micay (Mar 22)
    - Re: CVE for Kali Linux Michael Samuel (Mar 21)
    - Re: CVE for Kali Linux Florian Weimer (Mar 22)
    - Re: CVE for Kali Linux Kurt Seifried (Mar 22)
    - Re: CVE for Kali Linux Jeremy Stanley (Mar 22)
    - Re: CVE for Kali Linux Kurt Seifried (Mar 22)
    - Re: CVE for Kali Linux David A. Wheeler (Mar 22)
    - Re: CVE for Kali Linux Solar Designer (Mar 22)
    - Re: CVE for Kali Linux Solar Designer (Mar 22)
    - Re: CVE for Kali Linux Kurt Seifried (Mar 22)
    - Re: CVE for Kali Linux Donald Stufft (Mar 22)
    - Re: CVE for Kali Linux Daniel Micay (Mar 22)
    - Re: CVE for Kali Linux Kristian Fiskerstrand (Mar 22)
    - Re: CVE for Kali Linux Jeremy Stanley (Mar 22)

(Thread continues...)