
CVE-ID is truncated to 4 digits #153

Closed
@usiusi360

Description

@usiusi360

CVE-2016-1000110 is detected as CVE-2016-1000 in Vuls.

ChangeLog for: python-2.6.6-66.el6_8.x86_64, python-libs-2.6.6-66.el6_8.x86_64

  • Tue Aug 9 21:00:00 2016 Charalampos Stratakis cstratak@redhat.com - 2.6.6-66
  • Fix for CVE-2016-1000110 HTTPoxy attack
    Resolves: rhbz#1359161

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000110
https://access.redhat.com/security/cve/cve-2016-1000110


It's cut down to 4 fixed digits by the code.
https://github.com/future-architect/vuls/blob/master/scan/redhat.go#L870


After 2014, the CVE-ID syntax is variable length.

https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures

Changes to CVE-ID Syntax
In order to support CVE ID's beyond CVE-YEAR-9999 (aka the CVE10k problem) a change was made to the CVE syntax in 2014 and took effect on Jan 13, 2015 [5]

The new CVE-ID syntax is variable length and includes:

CVE prefix + Year + Arbitrary Digits

NOTE: The variable length arbitrary digits will begin at four (4) fixed digits and expand with arbitrary digits only when needed in a calendar year, for example, CVE-YYYY-NNNN and if needed CVE-YYYY-NNNNN, CVE-YYYY-NNNNNNN, and so on. This also means there will be no changes needed to previously assigned CVE-IDs, which all include a minimum of 4 digits.
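
An added example, written for this issue and not taken from Vuls or from the Red Hat changelog: a Go extractor that matches the post-2015 variable-length syntax (`CVE-YYYY-NNNN` with four or more sequence digits) against the changelog quoted above, next to a fixed-width pattern that is an assumed stand-in for the truncating behaviour reported here (it is not the code at the linked line). The changelog sample is the real entry from the report plus two constructed lines marked as such.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// cveRe follows the CVE syntax in force since 2015: "CVE-", a 4-digit year,
// then four OR MORE digits. The trailing \b stops a run of digits from being
// split; the leading \b and (?i) tolerate lowercase "cve-" in hand-written
// changelogs. Matches are normalised to uppercase before being returned.
var cveRe = regexp.MustCompile(`(?i)\bCVE-\d{4}-\d{4,}\b`)

// truncatingRe is an assumed stand-in for the reported bug: a fixed {4} on the
// sequence part silently turns CVE-2016-1000110 into CVE-2016-1000.
var truncatingRe = regexp.MustCompile(`(?i)CVE-\d{4}-\d{4}`)

// ExtractCVEs returns the distinct CVE IDs found in changelog text, uppercased
// and in order of first appearance, using the supplied pattern.
func ExtractCVEs(changelog string, re *regexp.Regexp) []string {
	seen := map[string]bool{}
	var ids []string
	for _, m := range re.FindAllString(changelog, -1) {
		id := strings.ToUpper(m)
		if !seen[id] {
			seen[id] = true
			ids = append(ids, id)
		}
	}
	return ids
}

// sampleChangelog: the first entry is the python-2.6.6-66.el6_8 changelog from
// the report; the second entry is constructed for this example.
const sampleChangelog = `* Tue Aug 09 2016 Charalampos Stratakis <cstratak@redhat.com> - 2.6.6-66
- Fix for CVE-2016-1000110 HTTPoxy attack
Resolves: rhbz#1359161

* (constructed entry) - 0.0.0-1
- Backport fixes for CVE-2014-0160 and cve-2015-12345`

func main() {
	fmt.Println("fixed-width pattern:", ExtractCVEs(sampleChangelog, truncatingRe))
	fmt.Println("variable-length    :", ExtractCVEs(sampleChangelog, cveRe))
}
```

Running it shows the fixed-width pattern reporting CVE-2016-1000 (and CVE-2015-1234) while the variable-length pattern yields the full IDs; any consumer that then looks the truncated ID up in NVD or OVAL data will either miss the advisory or, worse, match an unrelated 4-digit CVE from the same year.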
