Re: CVE's question -- MIDRANGE-L

Good News Everybody!

The new search engine is LIVE!

Please report any problems to david (at) midrange.com.

Subject: Re: CVE's question
From: Rob Berendt <rob@xxxxxxxxx>
Date: Wed, 7 Nov 2018 11:33:28 -0500
List-archive: <https://archive.midrange.com/midrange-l/>
List-help: <mailto:midrange-l-request@midrange.com?subject=help>
List-id: Midrange Systems Technical Discussion <midrange-l.midrange.com>
List-post: <mailto:midrange-l@midrange.com>
List-subscribe: <https://lists.midrange.com/mailman/listinfo/midrange-l>, <mailto:midrange-l-request@midrange.com?subject=subscribe>
List-unsubscribe: <https://lists.midrange.com/mailman/options/midrange-l>, <mailto:midrange-l-request@midrange.com?subject=unsubscribe>

The theory is that you should be able to look up the CVE at IBM's Product
Security Incident Response blog at
https://www.ibm.com/blogs/psirt/
But it's crap.
Let's look at an example from today. I got an email from IBM informing me
of a CVE which could whack IBM i 7.1-7.3. This email points me to this:
https://www-01.ibm.com/support/docview.wss?uid=ibm10725903&myns=ibmi&mynp=OCSSC52E&mynp=OCSSC5L9&mynp=OCSSTS2D&mync=E&cm_sp=ibmi-_-OCSSC52E-OCSSC5L9-OCSSTS2D-_-E
This link lists the PTF's needed to resolve it.
Ok. So far, so good. However, I go back to the psirt site and try to
look up that CVE and all it tells me about is Red Hat.

I guess one could browse PTF cover letters online for the CVE.

Rob Berendt

As an Amazon Associate we earn from qualifying purchases.

Follow-Ups:

Re: CVE's question , Jack Kingsley

This mailing list archive is Copyright 1997-2026 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.