Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 14 Aug 2015 15:09:39 -0800
From: Michael McNally <mcnally@....org>
To: Florian Weimer <fweimer@...hat.com>
CC: oss-security@...ts.openwall.com, 
 "security-officer@....org" <security-officer@....org>
Subject: Re: Is CVE-2015-4650 a duplicate, leak, or just a typo?

On 8/12/15 5:42 AM, ISC Security Officer wrote:

> Speaking for ISC on the matter, I suspect a typo as well; at any rate
> we have no knowledge of a CVE with that number. 

We contacted the administrators of the web page that Florian identified
as the origin of the error and asked them about it.  I include their
response, which confirms that it was an inadvertent typo.

> Hi Michael,
> 
> Thanks for flagging this for us.  It is indeed a typo.
> We've corrected our release notes and security advisory.
> 
> https://www.alienvault.com/forums/discussion/5706/
> 
> Regards,
> Jim
> 
> -------------------------------------------------------------------------------------------
> Jim Hansen
> AlienVault, Inc. | VP, Product Management

If you spot "CVE-2015-4650" (the typo'ed number) in use elsewhere,
please either inform the page owner of the error or inform
security-officer@....org if you think that people will be significantly
mislead by the error.

Thank you,

Michael McNally
(responding as ISC Security Officer)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ