Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 18 Oct 2013 14:16:31 -0700
From: Forest Monsen <forest.monsen@...il.com>
To: Henri Salo <henri@...v.fi>
Cc: "security@...pal.org" <security@...pal.org>, oss-security@...ts.openwall.com
Subject: Re: CVE duplicates SA-CONTRIB-2013-075

On Sat, Oct 5, 2013 at 4:10 AM, Henri Salo <henri@...v.fi> wrote:

> Advisory https://drupal.org/node/2087055 says:
>
> CVE-2013-4381 (XSS)
> CVE-2013-4382 (CSRF)
>
> Are these duplicate CVEs with CVEs below or is there something I am
> missing?
>

Henri, it certainly looks like these are duplicates. However, Kurt
facilitated CVE assignment in
http://www.openwall.com/lists/oss-security/2013/09/27/6 , so it's not clear
to me how the NVD catalogued different identifiers.

Best,
Forest

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.