Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 23 Oct 2014 02:20:20 -0400 (EDT)
From: Arun Babu Neelicattu <abn@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: Duplicate Request: CVE-2013-4444 as a duplicate
 of CVE-2013-2185

Pinging this thread, since there has been no response since September 17.

----- Original Message -----
> From: "Arun Babu Neelicattu" <abn@...hat.com>
> To: oss-security@...ts.openwall.com
> Sent: Wednesday, September 17, 2014 2:10:16 PM
> Subject: [oss-security] Duplicate Request: CVE-2013-4444 as a duplicate of CVE-2013-2185
> 
> Recently Apache Tomcat issued an advisory [1] for CVE-2013-4444 [2]. However,
> this flaw was reported to the Apache Tomcat Security team last year. We were
> instructed that Apache Tomcat team did not consider this a vulnerability.
> Red Hat Product Security handled this issue as CVE-2013-2185 [3] in our
> affected products.
> 
> We request that CVE-2013-4444 be marked as a duplicate of CVE-2013-2185.
> 
> -arun
> 
> [1] http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.40
> [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4444
> [3] https://bugzilla.redhat.com/CVE-2013-2185
> 
> --
> Arun Neelicattu / Red Hat Product Security
> PGP: 0xC244393B 5229 F596 474F 00A1 E416  CF8B 36F5 5054 C244 393B
> 

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ