Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 15 May 2013 19:48:19 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: sd <sd@...ksheep.org>
Subject: Re: CVE Request: linux kernel perf out-of-bounds access

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 05/15/2013 12:08 AM, sd wrote:
> Frankly, that there was not a CVE for this came as a surprise to me
> later as I simply hit the release button each time I spot my bug
> killed when I'm auditing the git commit backlog - usually there is
> fully armed exploit and advisory already.

If you think you find a CVE worthy flaw in the Linux kernel please let
me know and I can get it a CVE asap. Same goes for most anything Open
Source. If I'm away email secalert@...hat.com and someone else on the
SRT team will attend to the CVE request.

We (Red Hat SRT) really, really like giving CVEs to issues, it makes
life so much easier for all concerned. We'd rather deal with a false
positive than miss something (like this one sort of got missed a bit =(.


- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iQIcBAEBAgAGBQJRlDrjAAoJEBYNRVNeJnmTnY0P/j1at21RoqLtGOEms2+kunNF
PJJLFs/ypNw/leelkrPv5kqx5DXyPy4ZlwT+HNZxMzmL+j09XB0rVfHSzq2YJbvJ
dyyCTc1YD8FAhyD7ENJjk4i2jnKT78Mi936mnd2nCxmQGj5hlkCW896B4eoSpx5O
wth6W2bvqunJSpkUmKIkNrKUrY0HQcMjpjV4X9P06KiRcBajz4OwUgtTUnfwfkHZ
oHpDYeP9AdIl6C6ibF5m9wBvOHJ7+bJct1UNmbMRV1pEv2AXTEM93CpE0jluvxeq
oT1IbryIzZJ7sAkCRL7Q4XqCM101HKhjVZ5tZ6V1tekVujGVixk3YghtqeisMFAL
WLr5asvbvw5SJvYkwp9flvnSZl7O+BgWv7wkj6zc2rdKsWgQ36cc9My9qdXcrE3U
/N6AwKXa/sbuJtgeCOTLO30srHf/92uyOVEvEk2PoRDcl99OJU44CNNIADkLP5+Y
iq9EzcHQhWL7hwn2I4V/tlI3WT6zwgbxwnZSBVGddA5vlkbYpx7AHEGD25ms33u1
WeTY1YWpU+fZYRDY0cBAkgCwrJZmbYedb9rarACOZrXcMH514vCe7jdrqa+upJCE
2gldxvt6XTjyl+P7aUBs9Bcyo8y0SYjdry+d9CkGyTGHbwfpb1VUKMCV07ahpY5z
aVgVohbsiT5qzOGcnsnu
=GE/R
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.