Date: Tue, 4 Oct 2016 20:01:21 +0200 From: Hanno Böck <hanno@...eck.de> To: Steve Richert <steve@...lectiveidea.com> Cc: oss-security@...ts.openwall.com Subject: CVE request for code execution via gem name collission in bundler (was Re: CVE Request) Hi, For readability of this mailing list I think it should be good practice to say something meaningful in the subject. We have tons of CVE requests here all the time, therefore "CVE Request" is not meaningful. I'm not the maintainer of this mailing list, but I'm sure everyone agrees that something mentioning the name of the affected product and a short indication of what kind of bug it is would be apprechiated. -- Hanno Böck https://hboeck.de/ mail/jabber: hanno@...eck.de GPG: FE73757FA60E4E21B937579FA5880072BBB51E42 [ CONTENT OF TYPE application/pgp-signature SKIPPED ]
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ