Date: Fri, 23 Oct 2015 08:54:26 +0200 From: Martin Prpic <mprpic@...hat.com> To: "oss-security\@...ts.openwall.com" <oss-security@...ts.openwall.com> Subject: Duplicate CVE: CVE-2015-7703 in NTP Hi, It seems that NTP upstream has also requested a CVE (and had one assigned) for this issue: Bug 2902 : CVE-2015-7703 configuration directives "pidfile" and "driftfile" should only be allowed locally. (RedHat) [http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner] However, Red Hat assigned CVE-2015-5196 to this issue when it was first discovered: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-5196 Can CVE-2015-7703 please be rejected? Thank you! -- Martin Prpič / Red Hat Product Security
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ