Date: Tue, 26 May 2009 01:28:12 +0200 From: Nico Golde <oss-security+ml@...lde.de> To: oss-security@...ts.openwall.com Subject: CVE-2009-0161 dupe of CVE-2009-0642 Hi, looks like CVE-2009-0161 is a dupe of the original CVE id that already covered invalid return value checking of OCSP_basic_verify. This is not the first time Apple products receive their own CVE id for issues in the underlying oss product (e.g. webkit very often). Is that on purpose or is that just because Apple is lacking to provide the proper information to notice that? Cheers Nico -- Nico Golde - http://www.ngolde.de - nion@...ber.ccc.de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.