Date: Thu, 19 May 2011 21:52:32 +0300 From: Henri Salo <henri@...v.fi> To: oss-security@...ts.openwall.com Subject: Re: Dovecot releases On Thu, May 19, 2011 at 02:43:51PM -0400, Josh Bressers wrote: > > > ----- Original Message ----- > > Henri Salo wrote: > > > Should these two get CVE-identifier(s)? > > > > > > http://dovecot.org/pipermail/dovecot/2011-May/059085.html > > > http://dovecot.org/pipermail/dovecot/2011-May/059086.html > > > > http://hg.dovecot.org/dovecot-1.1/rev/3698dfe0f21c > > > > As best as I can tell, just the header NULL issue deserves a CVE id. > CVE-2011-1929 > > Thanks. > > -- > JB Thank you for your response. I wonder why Dovecot-project does not request these by themselves. I notified the mailing-list about new CVE-identifier. Best regards, Henri Salo
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.