Date: Thu, 16 Dec 2010 16:59:12 +0100 From: Ludwig Nussel <ludwig.nussel@...e.de> To: Mark Stosberg <mark@...mersault.com> Cc: oss-security@...ts.openwall.com, Marcela Maslanova <mmaslano@...hat.com>, Petr Pisar <ppisar@...hat.com>, "Chris 'BinGOs' Williams" <chris@...gosnet.co.uk>, Reed Loden <reed@...dloden.com>, Masahiro Yamada <masa141421356@...il.com>, Byron Jones <glob@...b.com.au>, Lincoln Stein <lincoln.stein@...il.com> Subject: Re: Re: CVE Request -- perl-CGI two ids, perl-CGI-Simple one id (CVE-2010-3172 already assigned for Bugzilla part) Mark Stosberg wrote: > Yes, it is. However, later testing found that the issue wasn't > completely fixed in 3.50. A new patch has been developed, and is > currently pending review and acceptance by the primary CGI.pm author, > Lincoln Stein. (Now CC'ed). Any update on this? What are the remaining issues? cu Ludwig -- (o_ Ludwig Nussel //\ V_/_ http://www.suse.de/ SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.