[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 26 Aug 2013 10:04:30 -0700 (PDT)
From: David Walser <luigiwalser@...oo.com>
To: "\"cve-assign@...re.org\"" <cve-assign@...re.org>,
"\"oss-security@...ts.openwall.com\"" <oss-security@...ts.openwall.com>,
"\"lwn@....net\"" <lwn@....net>
Cc: "security@...up.mageia.org" <security@...up.mageia.org>,
"tmb@....fi" <tmb@....fi>
Subject: Fw: python CVE typoed in Mageia advisory
More CVE confusion, and this time it's my fault. For the recent Python
ssl.match_hostname security issue, which was assigned CVE-2013-4238 here:
http://www.openwall.com/lists/oss-security/2013/08/13/2
I typoed it as CVE-2013-4328 while we (Mageia) were preparing the update and it
made it into our advisories:
http://advisories.mageia.org/MGASA-2013-0250.html
http://advisories.mageia.org/MGASA-2013-0252.html
So I think we'll get our advisories corrected soon. LWN, could you please
re-file them under the new vulnerability entry for the correct CVE?
http://lwn.net/Vulnerabilities/563961/ - typoed one
http://lwn.net/Vulnerabilities/564820/ - correct one
Sorry about this.
Powered by blists - more mailing lists
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
