oss-sec mailing list archives

Re: Re: CVE request for wget

From: Andreas Stieger <astieger () suse com>
Date: Tue, 29 Sep 2015 13:12:37 +0200

Hello,

On 09/25/2015 10:04 PM, cve-assign () mitre org wrote:

https://mailman.boum.org/pipermail/tails-dev/2015-August/009370.html
https://lists.gnu.org/archive/html/bug-wget/2015-08/msg00020.html

http://git.savannah.gnu.org/cgit/wget.git/commit/?id=075d7556964f5a871a73c22ac4b69f5361295099

We really don't understand what set of expectations led to this
becoming a CVE request for a vulnerability in wget.


Possibly assignments for CWE-200 including CVE-2000-0649, CVE-2002-0422
relating to exposure if an internal IP address of a communication partner.

The remaining points are noted.

Andreas

-- 
Andreas Stieger <astieger () suse com>
Project Manager Security
SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg)

Attachment: signature.asc
Description: OpenPGP digital signature

Current thread:

CVE request for wget Austin English (Sep 07)
- Re: CVE request for wget Victor Pereira (Sep 09)
- Re: CVE request for wget Andreas Stieger (Sep 09)
  - Re: CVE request for wget Austin English (Sep 24)
- Re: CVE request for wget cve-assign (Sep 25)
  - Re: CVE request for wget Austin English (Sep 28)
  - Re: Re: CVE request for wget Andreas Stieger (Sep 29)