Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 22 Feb 2011 12:27:37 -0500 (EST)
From: "Steven M. Christey" <>
Subject: Re: CVE request: avahi daemon remote denial of service
 by sending NULL UDP

On Fri, 18 Feb 2011, Josh Bressers wrote:

> I just gave it CVE-2011-1002.
> Thanks for pointing this out!

The original researcher, nuh, originally requested CVE-2011-0634 for this 
issue.  I see that the RH bug 667187 lists both CVEs, so maybe there was a 
race condition in CVE assignment somewhere?

Let's prefer CVE-2011-1002, and I will REJECT CVE-2011-0634.

- Steve

> --
>    JB
> ----- Original Message -----
>> Hello,
>> does the following need a CVE-ID or already has one assigned?
>> Thanks,
>> Thomas
>> --
>> Thomas Biege <>, SUSE LINUX, Security Support & Auditing
>> SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
>> --
>> Wer aufhoert besser werden zu wollen, hoert auf gut zu sein.
>> -- Marie von Ebner-Eschenbach

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.