Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 04 Feb 2014 09:09:28 -0700
From: "Vincent Danen" <vdanen@...hat.com>
To: cve-assign@...re.org
Cc: oss-security@...ts.openwall.com
Subject: Re: CVE request and heads-up on insecure temp file handling in
 unpack200 (OpenJDK, Oracle Java)

On 02/04/2014, at 7:48 AM, cve-assign@...re.org wrote:

>> I'm not sure if MITRE will be handling the assignment or if Oracle
>> will,
>
> We don't want to rule out the possibility that someone from Oracle
> will reply to the list and mention that this issue was the topic
> of an earlier private report to Oracle, and already has a CVE ID
> assigned. In general, MITRE will coordinate with Oracle to avoid a
> duplicate assignment.

Fair enough.  That's why I had included Oracle on the cc list, just in case.

Thanks.

-- 
Vincent Danen / Red Hat Security Response Team
Download attachment "signature.asc" of type "application/pgp-signature" (711 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ