Date: Mon, 17 Feb 2014 04:12:07 -0500 (EST) From: Arun Neelicattu <abn@...hat.com> To: oss-security@...ts.openwall.com Cc: cve-assign@...re.org Subject: Re: CVE Split: CVE-2014-0050 Apache Commons FileUpload and Apache Tomcat DoS Hi, Checking to see if there has been a decision regarding this? Will there be a split? -arun ----- Original Message ----- > From: "Arun Neelicattu" <abn@...hat.com> > To: oss-security@...ts.openwall.com > Cc: cve-assign@...re.org > Sent: Friday, February 7, 2014 11:09:49 AM > Subject: [oss-security] CVE Split: CVE-2014-0050 Apache Commons FileUpload and Apache Tomcat DoS > > Hi, > > CVE-2014-0050 was assigned to a flaw that affects both Apache Commons > FileUpload and Apache Tomcat DoS . > > Although Commons FileUpload and Tomcat are affected by this flaw and the > vulnerable classes share the same ancestry, the code bases for them have > been maintained in separate source trees for a long while now. > > Can this CVE be split? > > -arun > >  http://seclists.org/fulldisclosure/2014/Feb/41 > > -- > Arun Neelicattu / Red Hat Security Response Team > PGP: 0xC244393B 5229 F596 474F 00A1 E416 CF8B 36F5 5054 C244 393B >
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ