Date: Wed, 17 Aug 2016 19:05:06 +0200 From: Remi Gacogne <rgacogne@...hlinux.org> To: oss-security@...ts.openwall.com Cc: Werner Koch <wk@...pg.org> Subject: Re: Libgcrypt and GnuPG 1.4 RNG output prediction Hi, On 08/17/2016 06:58 PM, Solar Designer wrote: > <@...cogne> @gnupg @solardiz The CVE number (CVE-2016-6316) seems to have been used to track another security issue rubygem-actionview, is that correct? > > There does in fact appear to be a CVE ID clash, with: > > http://www.openwall.com/lists/oss-security/2016/08/11/6 Apparently the correct CVE number is CVE-2016-6313: https://twitter.com/gnupg/status/765956493720055808 [ CONTENT OF TYPE application/pgp-signature SKIPPED ]
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ