Buy commercial curl support from WolfSSL. We help you work
out your issues, debug your libcurl applications, use the API, port to new
platforms, add new features and more. With a team lead by the curl founder
himself.
Re: Regarding service request 1513650 (fwd)
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Henrik Holst via curl-library <curl-library_at_lists.haxx.se>
Date: Tue, 29 Aug 2023 23:38:10 +0200
Nice to see that the administrators at MITRE have zero technical knowledge.
Denial of service...
/HH
Den tis 29 aug. 2023 kl 23:20 skrev Daniel Stenberg via curl-library <
curl-library_at_lists.haxx.se>:
> I asked MITRE for CVE-2020-19909 to be rejected. Denied.
>
> --
>
> / daniel.haxx.se
>
> ---------- Forwarded message ----------
> Date: Tue, 29 Aug 2023 17:10:47
> From: CVE Request <CVE-Request_at_mitre.org>
> To: "daniel_at_haxx.se" <daniel_at_haxx.se>
> Subject: Regarding service request 1513650
>
> Hello,
>
>
>
> Regarding your CVE service request, logged on 2023-08-28T11:09:47, we have
> the following question or update:
>
>
>
> After review there are multiple perspectives on whether the issue
> information is helpful to consumers of the CVE List, our current preference
> is in the direction of keeping the CVE ID assignment. There is a valid
> weakness (integer overflow) that can lead to a valid security impact
> (denial of service, based on retrying network traffic much more often than
> is documented/requested). The record has been flagged as DISPUTED and the
> views have been recorded as a NOTE in the record as well. This request will
> now be closed.
>
>
>
>
>
> Please do not hesitate to contact the CVE Team by replying to this email
> if you have any questions, or to provide more details.
>
>
>
> Please do not change the subject line, which allows us to effectively
> track your request.
>
>
>
> CVE Assignment Team
>
>
>
> M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
>
>
>
> [A PGP key is available for encrypted communications at
>
>
>
> http://cve.mitre.org/cve/request_id.html]
>
>
>
> {CMI: MCID14239336}
>
>
>
>
> --
> Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library
> Etiquette: https://curl.se/mail/etiquette.html
>
Date: Tue, 29 Aug 2023 23:38:10 +0200
Nice to see that the administrators at MITRE have zero technical knowledge.
Denial of service...
/HH
Den tis 29 aug. 2023 kl 23:20 skrev Daniel Stenberg via curl-library <
curl-library_at_lists.haxx.se>:
> I asked MITRE for CVE-2020-19909 to be rejected. Denied.
>
> --
>
> / daniel.haxx.se
>
> ---------- Forwarded message ----------
> Date: Tue, 29 Aug 2023 17:10:47
> From: CVE Request <CVE-Request_at_mitre.org>
> To: "daniel_at_haxx.se" <daniel_at_haxx.se>
> Subject: Regarding service request 1513650
>
> Hello,
>
>
>
> Regarding your CVE service request, logged on 2023-08-28T11:09:47, we have
> the following question or update:
>
>
>
> After review there are multiple perspectives on whether the issue
> information is helpful to consumers of the CVE List, our current preference
> is in the direction of keeping the CVE ID assignment. There is a valid
> weakness (integer overflow) that can lead to a valid security impact
> (denial of service, based on retrying network traffic much more often than
> is documented/requested). The record has been flagged as DISPUTED and the
> views have been recorded as a NOTE in the record as well. This request will
> now be closed.
>
>
>
>
>
> Please do not hesitate to contact the CVE Team by replying to this email
> if you have any questions, or to provide more details.
>
>
>
> Please do not change the subject line, which allows us to effectively
> track your request.
>
>
>
> CVE Assignment Team
>
>
>
> M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
>
>
>
> [A PGP key is available for encrypted communications at
>
>
>
> http://cve.mitre.org/cve/request_id.html]
>
>
>
> {CMI: MCID14239336}
>
>
>
>
> --
> Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library
> Etiquette: https://curl.se/mail/etiquette.html
>
-- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.htmlReceived on 2023-08-29