Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 14 Jul 2014 11:10:26 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: [ruby-core:63604] [ruby-trunk - Bug #10019] [Open]
 segmentation fault/buffer overrun in pack.c (encodes)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 14/07/14 11:01 AM, Ramon de C Valle wrote:
> The fix for the (off-by-one) issue was added in
> https://bugs.ruby-lang.org/projects/ruby-trunk/repository/revisions/46778.
> Is MITRE or Red Hat going to assign a CVE for it?

I (and by extension Red Hat) are no longer doing the CVE assignments
for public issues here unless it is a time dependant emergency,
basically any CVE requests here will be handled by Mitre.

- -- 
Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJTxA8BAAoJEBYNRVNeJnmTQecP/i+ZpwCqVpra/KG4NIs/HWTh
bzsSq17Q8DQ+VmM5aar19D9xJT6ap6zeR0pHfsNbeN+YOGyjLKfGRc5mOGWwy0do
+mfCiqvHX3khA5T73EJK5DsValsQPhXzt0moVA+a3iY5yyFhzyj+MB85b+3LU4CL
RiBk9zhi8HxReVAk9cHxTEhNz9dTML+ukMeLhTbAeDXY79R3hXfvgYYfe32eT7xe
tn4d+Rf6Sic30FF7AQWOyLnuIYjM+kTLqw9d56SoqyXAAr9a0SU9CQFb9vI5RD6E
ZgEBiGoBiJdmN5W6Mzf8M2/0990/XLttzWbSFdrsUlcLAELFaTb1nLAxvIdEtVip
IkpEh53x7modo5OyUR42/Tr0R3n0m7g+5i3c0TwMuH+KFO3MhvzmwCYbPUUsFMqP
egaaXiJBa0y8Kej6K/Aqm1ua/0AHhIIWCy8xLoPi9Q2GJLSTRl42gyN6F2gmXi0r
eDbIj2t+O7U84YLITtzil8IwFZKnO2RdfyIHKvSouhgkWszAr707vP0X5s8FCOL2
1k1r+hv5R72ZCKVuMKQjVjNGmpD4NVGclD5RlKSnMtdeeIqlBSz3jaVihRwB/r8O
wRRKZ/n/uLAkML8VFWGKqJgF35tUq/84Xs+W2Wu/AUeozyFtEBTQnA7aoxfKhqxB
1G9UwkloGN4a+UWPxtZo
=HXAc
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ