Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20131215202327.GN2348@openstack.org>
Date: Sun, 15 Dec 2013 20:23:27 +0000
From: Jeremy Stanley <jeremy@...nstack.org>
To: oss-security@...ts.openwall.com
Subject: Re: Re: Issue with PYTHON_EGG_CACHE

On 2013-12-15 14:47:12 -0500 (-0500), cve-assign@...re.org wrote:
> This message seems to disclose a vulnerability in an unspecified
> version of OpenStack Swift.
[...]
> Use CVE-2013-7109 for this report about OpenStack Swift. Again,
> CVE-2013-7109 is not an ID for which setuptools is the affected
> product.

I don't think this was intended as a CVE request. The OpenStack VMT
had already determined this was non-exploitable in Swift over the
course of https://launchpad.net/bugs/1192966 and explicitly decided
not to request a CVE nor issue an advisory.
-- 
Jeremy Stanley

Download attachment "signature.asc" of type "application/pgp-signature" (967 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.