Date: Tue, 13 Jul 2010 19:12:17 -0500 From: Raphael Geissert <geissert@...ian.org> To: oss-security@...ts.openwall.com Subject: znc id: CVE-2010-2448 or CVE-2010-2488? Hi, Some weeks ago I requested an id for a null pointer dereference in ZNC. Josh assigned CVE-2010-24*8*8. Because of a typo, the CVE id referenced in the DSA I released was CVE-2010-24*4*8  (previously assigned by Steven to a gitolite issue, SA39587.) I updated our tracker as soon as I noticed the typo. However, in the last batch of CVE updates, the znc issue appeared with the incorrect id (i.e. CVE-2010-24*4*8.) VUPEN and SecurityFocus already picked up the wrong id. How should we proceed? I would like to apologise for the inconvenience. http://www.openwall.com/lists/oss-security/2010/06/24/5 Kind regards, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ