This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

CVE-2015-7547 Public Announcement ETA for NIST database Inclusion

From: mark mark <mark74193 at gmail dot com>
To: libc-alpha at sourceware dot org
Date: Thu, 18 Feb 2016 14:13:58 +0800
Subject: CVE-2015-7547 Public Announcement ETA for NIST database Inclusion
Authentication-results: sourceware.org; auth=none

Hello,

Since the vulnerability was disclosed, my company has already began
patching affected servers. We've almost had that completed and the
only show stoppers are the linux-based network devices that are
vulnerable as per the vendor. We were told by our vendor that they
will not initiate the patch development until the vulnerability is in
the NIST database. When I checked the status this morning, the CVE
still says "Reserved" in MITRE hence it has not made it to the NIST
yet. My question is, given the significance of this issue in terms of
threat level, do you guys have any ETA on the formal announcement?

Thank you
- Mark A

Follow-Ups:
- Re: CVE-2015-7547 Public Announcement ETA for NIST database Inclusion
  - From: Florian Weimer

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]