Report statistics for distros ML

These statistics are updated as of 2017-10-30 23:59 (UTC)

Statistics by month

Statistics are grouped by month of the issue being reported to the distros list

DateAll2017-062017-072017-082017-092017-10
Number of reports2413695
Average embargo time (first public)5.8410.844.696.395.834.90
Average embargo time (oss-security)6.0814.165.036.395.845.14

Data

ProjectSubjectReported (UTC)Public (UTC)oss-security postingTime of oss-security posting (UTC)CVE(s)Days embargoed (first public)Days embargoed (oss-security)
Spice[vs] spice2017-06-30 03:502017-07-11 00:00http://www.openwall.com/lists/oss-security/2017/07/14/12017-07-14 07:38CVE-2017-7506 10.8414.16
Jenkins[vs] CVE ID assignment request from the Jenkins project2017-07-07 13:132017-07-10 15:00http://www.openwall.com/lists/oss-security/2017/07/11/92017-07-11 11:52CVE-2017-1000084
CVE-2017-1000085
CVE-2017-1000086
CVE-2017-1000087
CVE-2017-1000088
CVE-2017-1000089
CVE-2017-1000090
CVE-2017-1000091
CVE-2017-1000092
CVE-2017-1000093
CVE-2017-1000094
CVE-2017-1000095
CVE-2017-1000096
3.073.94
Evince[vs] evince: Command injection vulnerability in CBT handler2017-07-10 13:572017-07-13 12:00http://www.openwall.com/lists/oss-security/2017/07/13/52017-07-13 15:43CVE-2017-10000832.923.07
Linux Kernel[vs-plain] linux kernel: CVE-2017-75332017-07-26 12:182017-08-03 14:00http://www.openwall.com/lists/oss-security/2017/08/03/22017-08-03 14:00CVE-2017-75338.078.07
Curl[vs-plain] curl: URL globbing out of bounds read (1/3)2017-08-01 10:022017-08-09 06:00http://www.openwall.com/lists/oss-security/2017/08/09/12017-08-09 06:00CVE-2017-10001017.837.83
Curl[vs-plain] curl: TFTP sends more than buffer size (2/3)2017-08-01 10:022017-08-09 06:00http://www.openwall.com/lists/oss-security/2017/08/09/22017-08-09 06:00CVE-2017-10001007.837.83
Curl[vs-plain] curl: FILE buffer read out of bounds2017-08-01 10:022017-08-09 06:00http://www.openwall.com/lists/oss-security/2017/08/09/32017-08-09 06:00CVE-2017-10000997.837.83
Linux Kernel[vs-plain] Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch2017-08-04 15:592017-08-10 20:55http://www.openwall.com/lists/oss-security/2017/08/10/52017-08-10 20:55CVE-2017-10001126.216.21
Linux Kernel[vs-plain] Linux kernel: heap out-of-bounds in AF_PACKET sockets2017-08-04 16:482017-08-10 13:25http://www.openwall.com/lists/oss-security/2017/08/10/72017-08-10 13:25CVE-2017-10001115.865.86
GNOME[vs] CVE-2017-2885 libsoup - stack based buffer overflow with HTTP Chunked Encoding2017-08-07 17:542017-08-10 12:41http://www.openwall.com/lists/oss-security/2017/08/10/12017-08-10 12:53CVE-2017-2885 2.782.79
file[vs] file: stack based buffer overflow2017-09-01 09:302017-09-05 16:24http://www.openwall.com/lists/oss-security/2017/09/05/32017-09-05 16:24CVE-2017-10002494.294.29
BlueZ[vs-plain] Info Leak vulnerability in BlueZ2017-09-05 20:292017-09-13 21:08http://www.openwall.com/lists/oss-security/2017/09/13/42017-09-13 21:08CVE-2017-1000250
CVE-2017-1000251
8.038.03
tcpdump[vs-plain] Re: tcpdump 4.9.2 and NixOS2017-09-06 13:082017-09-07 14:06http://www.openwall.com/lists/oss-security/2017/09/07/82017-09-07 14:06CVE-2017-11543
CVE-2017-13011
CVE-2017-12989
CVE-2017-12990
CVE-2017-12995
CVE-2017-12997
CVE-2017-11541
CVE-2017-11542
CVE-2017-12893
CVE-2017-12894
CVE-2017-12895
CVE-2017-12896
CVE-2017-12898
CVE-2017-12897
CVE-2017-12899
CVE-2017-12900
CVE-2017-12901
CVE-2017-12902
CVE-2017-12985
CVE-2017-12986
CVE-2017-12987
CVE-2017-12988
CVE-2017-12991
CVE-2017-12992
CVE-2017-12993
CVE-2017-11542
CVE-2017-11541
CVE-2017-12994
CVE-2017-12996
CVE-2017-12998
CVE-2017-12999
CVE-2017-13000
CVE-2017-13001
CVE-2017-13002
CVE-2017-13003
CVE-2017-13004
CVE-2017-13005
CVE-2017-13006
CVE-2017-13007
CVE-2017-13008
CVE-2017-13009
CVE-2017-13010
CVE-2017-13012
CVE-2017-13013
CVE-2017-13014
CVE-2017-13015
CVE-2017-11543
CVE-2017-13016
CVE-2017-13017
CVE-2017-13018
CVE-2017-13019
CVE-2017-13020
CVE-2017-13021
CVE-2017-13022
CVE-2017-13023
CVE-2017-13024
CVE-2017-13025
CVE-2017-13026
CVE-2017-13027
CVE-2017-13028
CVE-2017-13029
CVE-2017-13030
CVE-2017-13031
CVE-2017-13032
CVE-2017-13033
CVE-2017-13034
CVE-2017-13035
CVE-2017-13036
CVE-2017-13037
CVE-2017-13038
CVE-2017-13039
CVE-2017-13040
CVE-2017-13041
CVE-2017-13042
CVE-2017-13043
CVE-2017-13044
CVE-2017-13045
CVE-2017-13046
CVE-2017-13047
CVE-2017-13048
CVE-2017-13049
CVE-2017-13050
CVE-2017-13051
CVE-2017-13052
CVE-2017-13053
CVE-2017-13054
CVE-2017-13055
CVE-2017-13687
CVE-2017-13688
CVE-2017-13689
CVE-2017-13690
CVE-2017-13725
1.041.04
Linux Kernel[vs] KVM denial of service2017-09-08 11:212017-09-15 16:36http://www.openwall.com/lists/oss-security/2017/09/15/42017-09-15 16:36CVE-2017-10002527.227.22
apachevs] OPTIONSbleed bug in apache httpd2017-09-11 10:172017-09-18 13:18http://www.openwall.com/lists/oss-security/2017/09/18/22017-09-18 13:18CVE-2017-97987.137.13
Linux Kernel[vs] Qualys Security Advisory (CVE-2017-1000253)2017-09-20 09:282017-09-26 15:08http://www.openwall.com/lists/oss-security/2017/09/26/162017-09-26 15:08CVE-2017-10002536.246.24
Linux Kernel[vs-plain] Bluetooth RCE in Linux Kernel - follow up2017-09-24 19:202017-09-27 17:39http://www.openwall.com/lists/oss-security/2017/09/27/102017-09-27 17:39CVE-2017-10002512.932.93
DNSMasq[vs] DNSMasq Security vulnerabilities, public release October 2nd2017-09-25 20:592017-10-02 13:22http://www.openwall.com/lists/oss-security/2017/10/02/52017-10-02 15:47CVE-2017-14491
CVE-2017-14492
CVE-2017-14493
CVE-2017-14494
CVE-2017-14495
CVE-2017-14496
6.686.78
Curl[vs-plain] curl: FTP PWD response parser out of bounds read2017-09-25 08:262017-10-04 06:06http://www.openwall.com/lists/oss-security/2017/10/04/12017-10-04 06:06CVE-2017-10002548.908.90
Linux Kernel[vs] CVE Request for powerpc kernel bug2017-10-03 00:492017-10-09http://www.openwall.com/lists/oss-security/2017/10/10/32017-10-10 04:00CVE-2017-10002555.977.13
wpa_supplicant[vs] VU#228519 and wpa_supplicant/hostapd2017-10-10 08:082017-10-16 09:08http://www.openwall.com/lists/oss-security/2017/10/16/22017-10-16 09:08CVE-2017-13077
CVE-2017-13078
CVE-2017-13079
CVE-2017-13080
CVE-2017-13081
CVE-2017-13082
CVE-2017-13084
CVE-2017-13086
CVE-2017-13087
CVE-2017-13088
6.046.04
Linux Kernel[vs-plain] CVE-2017-5123 Linux kernel waitid() not calling access_ok()2017-10-09 19:062017-10-12 19:16http://www.openwall.com/lists/oss-security/2017/10/12/182017-10-12 20:02CVE-2017-51233.013.04
Curl[vs-plain] curl: IMAP FETCH response out of bounds read2017-10-17 11:542017-10-23 06:07http://www.openwall.com/lists/oss-security/2017/10/23/12017-10-23 06:07CVE-2017-10002575.765.76
Wget[vs] [FICORA #1010111] Vulnerability report2017-10-23 14:502017-10-27 08:21http://www.openwall.com/lists/oss-security/2017/10/27/12017-10-27 08:21CVE-2017-13089
CVE-2017-13090
3.733.73
mailing-lists/distros/stats.txt · Last modified: 2017/11/14 02:25 by kristianf
 
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 3.0 Unported
Recent changes RSS feed Donate to DokuWiki Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki Powered by OpenVZ Powered by Openwall GNU/*/Linux Bookmark and Share