Date: Thu, 4 Aug 2011 13:53:44 -0400 (EDT) From: Josh Bressers <bressers@...hat.com> To: oss-security@...ts.openwall.com Cc: security@...ntu.com, coley@...us.mitre.org Subject: Re: CVE Request: foomatic-gui ----- Original Message ----- > On Fri, 2011-08-05 at 00:17 +1000, dave bl wrote: > > So while there aren't that many "users" of the old > > system-config-printer - it appears that debian old-stable (lenny) > > maybe vulnerable (where python-smbc is not available) ... is it > > worth > > while giving system-config-printer a 2008 CVE as well (if none > > currently exists). > > Yes, I think it is worth doing that. > This request doesn't really make any sense. It deserves a 2011 ID, that's when the flaw was discovered. My impression is that the code is the same, which means they will share the same ID. If the code is totally different, we will want to split. Time, you know best, is the code in question the same, or is it different? Thanks. -- JB
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.