Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <AANLkTi=VUkERojQLCt=mOjiOfXdVKyUzLjmvKtg_H+LR@mail.gmail.com>
Date: Tue, 24 Aug 2010 11:34:42 +0200
From: Pierre Joye <pierre.php@...il.com>
To: Thomas Biege <thomas@...e.de>
Cc: oss-security@...ts.openwall.com, Tomas Hoger <thoger@...hat.com>, 
	Moritz Muehlenhoff <jmm@...ian.org>, "Steven M. Christey" <coley@...us.mitre.org>
Subject: Re: CVE request: PHP MOPS-2010-56..60

hi,

On Tue, Aug 24, 2010 at 9:40 AM, Thomas Biege <thomas@...e.de> wrote:
> Am Freitag, 20. August 2010, 18:45:47 schrieb Pierre Joye:
> ..
>> > I miss that part, thanks for pointing me to it. I will commit a fix
>> > later today.
>>
>> Done: http://svn.php.net/viewvc?view=revision&revision=302565
>
> Does it need a new CVE-ID?
>
> --
>  Thomas Biege <thomas@...e.de>, SUSE LINUX, Security Support & Auditing
>  SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
>

Not sure as #24 was never fixed, but I don't know what is the policy
in this case. I can use CVE-2010-2094 or a new one if it is more
appropriate or cleaner.

Cheers,
-- 
Pierre

@pierrejoye | http://blog.thepimp.net | http://www.libgd.org

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.