Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 9 Jan 2014 13:44:49 -0500 (EST)
From: cve-assign@...re.org
To: fweimer@...hat.com, guido+openwall.com@...hoerster.name
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE request: tmux local denial of service (2009)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> allows users to override the socket path using the -S command line option.

We'd like to consider this ineligible for a CVE unless there's new
information. In many cases, "ability to cause an inconvenience" is not
sufficient for a CVE assignment. The nature of the application
apparently makes it unlikely that this would, for example, disrupt
unattended root-executed scripts that have a hardcoded tmux command
line.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJSzu1/AAoJEKllVAevmvmskekH/2A4wotaBeyRrTUT99tKnoCd
DOizyyQys3yF+1+UnV95nuaa6JKChsZvK96Q5U3fhJ94Sqw4Cq04q2Kac5MBTHub
E/R8/gNru8TlDKq3IGwBmigQYjXO56p3nps/a6b/NcZ0DhT2JBm+VTCUgJMtTs2Z
hAEhNr5fvihRUdlpfyGNT2PXdGqcHZZSdEqB1oMkNAAEKGSNNOlKK+lzQhi6SBIp
TPOVizxKKjG0xBXxlCfkla+uJnOYHWaVYTGR+3rfCe71ZKJdpx3mbBDCEu76+ojh
xCUkruwZhtw9XtcSp9OzZEJKhm6gN4QXeSq3ifzZ3v0+f66UrBSjf04ewD9RSkM=
=M+g3
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.