Differences

This shows you the differences between two versions of the page.

Link to this comparison view

mailing-lists:distros:stats [2018/11/25 08:54]
kristianf Update for Q3
mailing-lists:distros:stats [2019/01/13 14:02] (current)
kristianf Update for Q4
Line 1: Line 1:
 ====== Report statistics for distros ML ====== ====== Report statistics for distros ML ======
-These statistics are updated as of 2018-09-30 23:59 (UTC)+These statistics are updated as of 2018-12-31 23:59 (UTC)
  
 ===== Statistics by month ===== ===== Statistics by month =====
 Statistics are grouped by month of the issue being reported to the distros list Statistics are grouped by month of the issue being reported to the distros list
-^Date^All^2017-06^2017-07^2017-08^2017-09^2017-10^2017-11^2017-12^2018-01^2018-02^2018-03^2018-04^2018-05^2018-06^2018-07^2018-08^2018-09^ +^Date^All^2017-06^2017-07^2017-08^2017-09^2017-10^2017-11^2017-12^2018-01^2018-02^2018-03^2018-04^2018-05^2018-06^2018-07^2018-08^2018-09^2018-10^2018-11^2018-12
-|Number of reports|99|1|3|6|9|5|7|5|8|4|6|10|5|6|7|13|4| +|Number of reports|110|1|3|6|9|5|7|5|8|4|6|10|5|6|7|13|4|7|2|2
-|Average embargo time (first public)|6.43|10.84|4.69|6.39|5.83|4.90|6.70|5.99|7.28|2.99|6.52|7.40|7.30|5.13|5.38|8.41|5.53| +|Average embargo time (first public)|5.98|10.84|4.69|6.39|5.83|4.90|6.70|5.99|7.28|2.99|6.52|7.40|7.30|5.13|5.38|4.36|5.53|8.62|3.25|3.17
-|Average embargo time (oss-security)|6.71|14.16|5.03|6.39|5.84|5.14|6.70|6.02|9.64|2.99|6.60|7.60|7.30|5.13|5.38|8.42|5.53|+|Average embargo time (oss-security)|6.22|14.16|5.03|6.39|5.84|5.14|6.70|6.02|9.64|2.99|6.60|7.60|7.30|5.13|5.38|4.36|5.53|8.62|3.25|3.17|
 ===== Data ===== ===== Data =====
 ^Project^Subject^Reported (UTC)^Public (UTC)^oss-security posting^Time of oss-security posting (UTC)^CVE(s)^Days embargoed (first public)^Days embargoed (oss-security)^ ^Project^Subject^Reported (UTC)^Public (UTC)^oss-security posting^Time of oss-security posting (UTC)^CVE(s)^Days embargoed (first public)^Days embargoed (oss-security)^
Line 95: Line 95:
 |Linux Kernel|[vs-plain] CVE-2017-18344:​ Linux kernel: meltdown-like vulnerability in the timer subsystem|2018-08-02 13:​01|2018-08-02 18:​57|http://​www.openwall.com/​lists/​oss-security/​2018/​08/​02/​3|2018-08-02 18:​57|CVE-2017-18344|0.25|0.25| |Linux Kernel|[vs-plain] CVE-2017-18344:​ Linux kernel: meltdown-like vulnerability in the timer subsystem|2018-08-02 13:​01|2018-08-02 18:​57|http://​www.openwall.com/​lists/​oss-security/​2018/​08/​02/​3|2018-08-02 18:​57|CVE-2017-18344|0.25|0.25|
 |brtfs|[vs-plain] btrfsmaintenance:​ CVE-2018-14722|2018-08-07 11:​25|2018-08-14 15:​57|https://​www.openwall.com/​lists/​oss-security/​2018/​08/​14/​7|2018-08-14 15:​57|CVE-2018-14722|7.19|7.19| |brtfs|[vs-plain] btrfsmaintenance:​ CVE-2018-14722|2018-08-07 11:​25|2018-08-14 15:​57|https://​www.openwall.com/​lists/​oss-security/​2018/​08/​14/​7|2018-08-14 15:​57|CVE-2018-14722|7.19|7.19|
-|Bind|[vs] BIND vulnerability CVE-2018-5740 will be announced 08 August 2018|2018-08-07 21:​44||||CVE-2018-5740|54.09|54.09|+|Bind|[vs] BIND vulnerability CVE-2018-5740 will be announced 08 August 2018|2018-08-07 21:44|2018-08-09 06:45|https://​www.openwall.com/​lists/​oss-security/​2018/​08/​09/​1|2018-08-09 06:45|CVE-2018-5740|1.38|1.38|
 |cobbler|[vs] CVE-2018-10931 cobbler: CobblerXMLRPCInterface exports all its methods over XMLRPC|2018-08-08 18:​06|2018-08-09 15:​42|https://​www.openwall.com/​lists/​oss-security/​2018/​08/​09/​9|2018-08-09 15:​42|CVE-2018-10931|0.90|0.90| |cobbler|[vs] CVE-2018-10931 cobbler: CobblerXMLRPCInterface exports all its methods over XMLRPC|2018-08-08 18:​06|2018-08-09 15:​42|https://​www.openwall.com/​lists/​oss-security/​2018/​08/​09/​9|2018-08-09 15:​42|CVE-2018-10931|0.90|0.90|
 |Spice|[vs] spice CVE-2018-10873:​ post-auth crash or potential heap corruption when demarshalling|2018-08-10 03:​16|2018-08-16 23:​51|http://​www.openwall.com/​lists/​oss-security/​2018/​08/​17/​1|2018-08-17 00:​51|CVE-2018-10873|6.86|6.90| |Spice|[vs] spice CVE-2018-10873:​ post-auth crash or potential heap corruption when demarshalling|2018-08-10 03:​16|2018-08-16 23:​51|http://​www.openwall.com/​lists/​oss-security/​2018/​08/​17/​1|2018-08-17 00:​51|CVE-2018-10873|6.86|6.90|
Line 109: Line 109:
 |Linux Kernel|[vs-plain] potential local priviledge escalation bug in vmacache code|2018-09-18 13:​29|2018-09-18 14:​54|https://​www.openwall.com/​lists/​oss-security/​2018/​09/​18/​4|2018-09-18 14:​54||0.06|0.06| |Linux Kernel|[vs-plain] potential local priviledge escalation bug in vmacache code|2018-09-18 13:​29|2018-09-18 14:​54|https://​www.openwall.com/​lists/​oss-security/​2018/​09/​18/​4|2018-09-18 14:​54||0.06|0.06|
 |Linux Kernel|[vs-plain] Integer overflow in Linux'​s create_elf_tables() (CVE-2018-14634)|2018-09-18 15:​58|2018-09-25 17:​07|https://​www.openwall.com/​lists/​oss-security/​2018/​09/​25/​4|2018-09-25 17:​07|CVE-2018-14634|7.05|7.05| |Linux Kernel|[vs-plain] Integer overflow in Linux'​s create_elf_tables() (CVE-2018-14634)|2018-09-18 15:​58|2018-09-25 17:​07|https://​www.openwall.com/​lists/​oss-security/​2018/​09/​25/​4|2018-09-25 17:​07|CVE-2018-14634|7.05|7.05|
 +|libssh|[vs] libssh security issue CVE-2018-10933|2018-10-08 08:​41|2018-10-16 12:​21|https://​www.openwall.com/​lists/​oss-security/​2018/​10/​16/​1|2018-10-16 12:​21|CVE-2018-10933|8.15|8.15|
 +|glib|[vs] GLib variant binary form and D-Bus message parsing problems|2018-10-11 02:​09|2018-10-23 03:​46|https://​www.openwall.com/​lists/​oss-security/​2018/​10/​23/​5|2018-10-23 03:​46||12.07|12.07|
 +|Linux Kernel|[vs-plain] 4.19.0-rc3 global-out-of-bounds read in btusb_work|2018-10-16 11:​51|2018-10-31 14:​11|https://​www.openwall.com/​lists/​oss-security/​2018/​10/​31/​6|2018-10-31 14:​11||15.10|15.10|
 +|gcc|[vs-plain] GCC Compiler Induced Vulnerability|2018-10-21 02:​34|2018-10-22 15:​07|https://​www.openwall.com/​lists/​oss-security/​2018/​10/​22/​3|2018-10-22 15:​07||1.52|1.52|
 +|glusterfs|[vs] glusterfs: multiple flaws|2018-10-23 07:​48|2018-10-31 12:​50|https://​www.openwall.com/​lists/​oss-security/​2018/​10/​31/​5|2018-10-31 12:​50|CVE-2018-14651\\ CVE-2018-14652\\ CVE-2018-14653\\ CVE-2018-14654\\ CVE-2018-14659\\ CVE-2018-14660\\ CVE-2018-14661|8.21|8.21|
 +|curl|[vs-plain] curl - two pending security advisories|2018-10-22 08:​26|2018-10-31 06:​55|https://​www.openwall.com/​lists/​oss-security/​2018/​10/​31/​1|2018-10-31 06:​55|CVE-2018-16839\\ CVE-2018-16840|8.94|8.94|
 +|Intel CPU|[vs-plain] new side-channel vulnerability on SMT/​Hyper-Threading architectures|2018-10-26 12:​59|2018-11-01 22:​12|https://​www.openwall.com/​lists/​oss-security/​2018/​11/​01/​4|2018-11-01 22:​12|CVE-2018-5407|6.38|6.38|
 +|PowerDNS|[vs] PowerDNS prenotification|2018-11-01 14:​10|2018-11-06 22:​28|https://​www.openwall.com/​lists/​oss-security/​2018/​11/​06/​8|2018-11-06 22:​28|CVE-2018-10851\\ CVE-2018-14626\\ CVE-2018-14644|5.35|5.35|
 +|Linux Kernel|[vs-plain] Kernel heap overflow in bpf leading to LPE (exploit provided)|2018-11-22 13:​45|2018-11-23 17:​22|https://​www.openwall.com/​lists/​oss-security/​2018/​11/​23/​6|2018-11-23 17:​22||1.15|1.15|
 +|Linux Kernel|[vs-plain] UAF write in usb_audio_probe|2018-12-03 14:​45|2018-12-03 16:​45|https://​www.openwall.com/​lists/​oss-security/​2018/​12/​03/​1|2018-12-03 16:​45|CVE-2018-19824|0.08|0.08|
 +|Go|[vs-plain] Go security release next week, requesting 3 CVE IDs|2018-12-08 11:​56|2018-12-14 18:​06|https://​www.openwall.com/​lists/​oss-security/​2018/​12/​14/​9|2018-12-14 18:​06|CVE-2018-16873\\ CVE-2018-16874\\ CVE-2018-16875|6.26|6.26|
mailing-lists/distros/stats.txt · Last modified: 2019/01/13 14:02 by kristianf
 
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 3.0 Unported
Recent changes RSS feed Donate to DokuWiki Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki Powered by OpenVZ Powered by Openwall GNU/*/Linux