Date: Fri, 28 Jan 2011 19:15:10 +0100 From: Jan Lieskovsky <jlieskov@...hat.com> To: "Steven M. Christey" <coley@...us.mitre.org> CC: oss-security <oss-security@...ts.openwall.com>, Wouter Verhelst <wouter@...ian.org> Subject: CVE Request -- NDB: CVE-2005-3534 reintroduced in upstream nbd-v2.9.0 version Hello Josh, Steve, vendors, Originally, CVE-2005-3534:  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3534 has been assigned to NBD and addressed in nbd-v2.8.3 version:  http://sourceforge.net/project/shownotes.php?release_id=380202&group_id=13229 via changeset:  https://github.com/yoe/nbd/commit/4ed24fe0d64c7cc9963c57b52cad1555ad7c6b60 But nbd-v2.9.0:  http://sourceforge.net/projects/nbd/files/nbd/2.9.0/ contains the issue again. This flaw was fixed second time via upstream changeset:  https://github.com/yoe/nbd/commit/3ef52043861ab16352d49af89e048ba6339d6df8 References:  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=611187  https://bugzilla.redhat.com/show_bug.cgi?id=673562 Could you allocate a CVE id for this? Thanks && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.