Date: Fri, 01 Aug 2014 07:47:53 -0700 From: Ben Reser <ben@...er.org> To: Marcus Meissner <meissner@...e.de>, OSS Security List <oss-security@...ts.openwall.com> Subject: Re: Possible CVE request: subversion MD5 collision authentication leak On 8/1/14 3:12 AM, Marcus Meissner wrote: > The subversion list has fixed a md5 collision attack possibility. > > http://mail-archives.apache.org/mod_mbox/subversion-dev/201407.mbox/%3C53DAB4A7.8030004%40reser.org%3E > > http://svn.apache.org/r1550691 > http://svn.apache.org/r1550772 > > The referenced E-Mail speaks about CVE request, so not sure who will assign > one. Already got one (the request was directed at security@...che.org who hand them out to us): CVE-2014-3528.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ