[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: An interesting data point



Sorry I should be more clear: this is current data in the spreadsheet
that hasn't yet had CVE's assigned.

https://docs.google.com/spreadsheets/d/1Jq_OpPxS5q8dLYdoWjKmklQG2AH8d9vl_2oKp-eGwA0

There's also some historical rejects/etc (e.g. stuff that was beyond
saving or I never got a reply) in the other tabs of that spreadsheet.

On Mon, Dec 4, 2017 at 10:12 PM, jericho <jericho@attrition.org> wrote:
>
> On Mon, 4 Dec 2017, Kurt Seifried wrote:
>
> : So from the current crop of CVE requests the DWF got:
> :
> :  7 BAD:DESCRIPTION
> :    8 BAD:DESCRIPTION:MISSING:DETAILS
> :   23 BAD:DESCRIPTION:MISSING:PRODUCT,BAD:DESCRIPTION:MISSING:VERSION
> :   19 BAD:DESCRIPTION:MISSING:VERSION
> :    1 BAD:MULTIPLE_ISSUES
> :   11 BAD:REF_URL
> :    1 
> BAD:REF_URL,BAD:DESCRIPTION:MISSING:VERSION,BAD:DESCRIPTION:MISSING:PRODUCT
> :    2 BAD:VULN_TYPE
> :    1 NEEDINFO
> :  153 OK
> :
> : The status codes are at
> : 
> https://github.com/distributedweaknessfiling/DWF-Documentation/blob/master/DWF-STATUS-ERROR-CODES-for-CVE-requests.md
> : but should be pretty self evident. The good news is that a lot of 
> these
> : can be fixed without to much work, but I definitely need to figure 
> out
> : how to help people make better requests/write the descriptions (or 
> auto
> : generate them.. I think that's the way to go).
>
> Out of curiosity, since the information above doesn't let me figure it
> out, what was the disposition code for CVE-2017-1000186? Curious if 
> that
> was one of the non-OK entries.
>
> Brian



-- 

Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Red Hat Product Security contact: secalert@redhat.com


Page Last Updated or Reviewed: December 05, 2017