[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: An interesting data point

To: jericho <jericho@attrition.org>
Subject: Re: An interesting data point
From: Kurt Seifried <kseifried@redhat.com>
Date: Mon, 4 Dec 2017 22:16:22 -0700
Authentication-results: spf=none (sender IP is 198.49.146.235) smtp.mailfrom=LISTS.MITRE.ORG; imc.mitre.org; dkim=none (message not signed) header.d=none;imc.mitre.org; dmarc=fail action=none header.from=redhat.com;
Cc: cve-editorial-board-list <cve-editorial-board-list@lists.mitre.org>
Delivery-date: Tue Dec 5 07:46:21 2017
In-reply-to: <alpine.LNX.2.00.1712042311000.6952@forced.attrition.org>
List-help: <mailto:LISTSERV@LISTS.MITRE.ORG?body=INFO%20CVE-EDITORIAL-BOARD-LIST>
List-owner: <mailto:CVE-EDITORIAL-BOARD-LIST-request@LISTS.MITRE.ORG>
List-subscribe: <mailto:CVE-EDITORIAL-BOARD-LIST-subscribe-request@LISTS.MITRE.ORG>
List-unsubscribe: <mailto:CVE-EDITORIAL-BOARD-LIST-unsubscribe-request@LISTS.MITRE.ORG>
References: <CANO=Ty0C8=c5BRHrx4_fp-EpWktMTDz1RT2+SsukJhHii-K2gA@mail.gmail.com> <alpine.LNX.2.00.1712042311000.6952@forced.attrition.org>
Sender: <owner-cve-editorial-board-list@lists.mitre.org>
Spamdiagnosticmetadata: 5952c28dcc454f0789fb433d26f936ef
Spamdiagnosticoutput: 1:2

Sorry I should be more clear: this is current data in the spreadsheet
that hasn't yet had CVE's assigned.

https://docs.google.com/spreadsheets/d/1Jq_OpPxS5q8dLYdoWjKmklQG2AH8d9vl_2oKp-eGwA0

There's also some historical rejects/etc (e.g. stuff that was beyond
saving or I never got a reply) in the other tabs of that spreadsheet.

On Mon, Dec 4, 2017 at 10:12 PM, jericho <jericho@attrition.org> wrote:
>
> On Mon, 4 Dec 2017, Kurt Seifried wrote:
>
> : So from the current crop of CVE requests the DWF got:
> :
> :  7 BAD:DESCRIPTION
> :    8 BAD:DESCRIPTION:MISSING:DETAILS
> :   23 BAD:DESCRIPTION:MISSING:PRODUCT,BAD:DESCRIPTION:MISSING:VERSION
> :   19 BAD:DESCRIPTION:MISSING:VERSION
> :    1 BAD:MULTIPLE_ISSUES
> :   11 BAD:REF_URL
> :    1 
> BAD:REF_URL,BAD:DESCRIPTION:MISSING:VERSION,BAD:DESCRIPTION:MISSING:PRODUCT
> :    2 BAD:VULN_TYPE
> :    1 NEEDINFO
> :  153 OK
> :
> : The status codes are at
> : 
> https://github.com/distributedweaknessfiling/DWF-Documentation/blob/master/DWF-STATUS-ERROR-CODES-for-CVE-requests.md
> : but should be pretty self evident. The good news is that a lot of 
> these
> : can be fixed without to much work, but I definitely need to figure 
> out
> : how to help people make better requests/write the descriptions (or 
> auto
> : generate them.. I think that's the way to go).
>
> Out of curiosity, since the information above doesn't let me figure it
> out, what was the disposition code for CVE-2017-1000186? Curious if 
> that
> was one of the non-OK entries.
>
> Brian



-- 

Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Red Hat Product Security contact: secalert@redhat.com

Follow-Ups:
- Re: An interesting data point
  - From: jericho <jericho@attrition.org>

References:
- An interesting data point
  - From: Kurt Seifried <kseifried@redhat.com>
- Re: An interesting data point
  - From: jericho <jericho@attrition.org>

Prev by Date: Re: An interesting data point
Next by Date: Re: An interesting data point
Previous by thread: Re: An interesting data point
Next by thread: Re: An interesting data point
Index(es):
- Date
- Thread