Date: Thu, 23 Oct 2014 02:20:20 -0400 (EDT) From: Arun Babu Neelicattu <abn@...hat.com> To: oss-security@...ts.openwall.com Subject: Re: Duplicate Request: CVE-2013-4444 as a duplicate of CVE-2013-2185 Pinging this thread, since there has been no response since September 17. ----- Original Message ----- > From: "Arun Babu Neelicattu" <abn@...hat.com> > To: oss-security@...ts.openwall.com > Sent: Wednesday, September 17, 2014 2:10:16 PM > Subject: [oss-security] Duplicate Request: CVE-2013-4444 as a duplicate of CVE-2013-2185 > > Recently Apache Tomcat issued an advisory  for CVE-2013-4444 . However, > this flaw was reported to the Apache Tomcat Security team last year. We were > instructed that Apache Tomcat team did not consider this a vulnerability. > Red Hat Product Security handled this issue as CVE-2013-2185  in our > affected products. > > We request that CVE-2013-4444 be marked as a duplicate of CVE-2013-2185. > > -arun > >  http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.40 >  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4444 >  https://bugzilla.redhat.com/CVE-2013-2185 > > -- > Arun Neelicattu / Red Hat Product Security > PGP: 0xC244393B 5229 F596 474F 00A1 E416 CF8B 36F5 5054 C244 393B >
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ