Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 17 Feb 2014 04:12:07 -0500 (EST)
From: Arun Neelicattu <abn@...hat.com>
To: oss-security@...ts.openwall.com
Cc: cve-assign@...re.org
Subject: Re: CVE Split: CVE-2014-0050 Apache Commons
 FileUpload and Apache Tomcat DoS

Hi,

Checking to see if there has been a decision regarding this? Will there be a split?

-arun

----- Original Message -----
> From: "Arun Neelicattu" <abn@...hat.com>
> To: oss-security@...ts.openwall.com
> Cc: cve-assign@...re.org
> Sent: Friday, February 7, 2014 11:09:49 AM
> Subject: [oss-security] CVE Split: CVE-2014-0050 Apache Commons FileUpload and Apache Tomcat DoS
> 
> Hi,
> 
> CVE-2014-0050 was assigned to a flaw that affects both Apache Commons
> FileUpload and Apache Tomcat DoS [1].
> 
> Although Commons FileUpload and Tomcat are affected by this flaw and the
> vulnerable classes share the same ancestry, the code bases for them have
> been maintained in separate source trees for a long while now.
> 
> Can this CVE be split?
> 
> -arun
> 
> [1] http://seclists.org/fulldisclosure/2014/Feb/41
> 
> --
> Arun Neelicattu / Red Hat Security Response Team
> PGP: 0xC244393B 5229 F596 474F 00A1 E416  CF8B 36F5 5054 C244 393B
> 

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ