Date: Thu, 29 Dec 2011 12:31:48 -0500 (EST) From: Kurt Seifried <kseifrie@...hat.com> To: oss-security@...ts.openwall.com Cc: kseifried@...hat.com Subject: Re: More CVEs? (was Re: [oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collision) >> Credit: vulnerability report and PoC code received from Alexander >> Klink <alexander.klink AT nruns.com> and Julian Waelde <jwaelde AT >> cdc.informatik.tu-darmstadt.de>. >> >> CVE: CVE-2011-4461 (Jetty), CVE-2011-4838 (JRuby), CVE-2011-4885 >> (PHP), CVE-2011-4462 (Plone), CVE-2011-4815 (Ruby) > >Kurt or other CVE assigners, can you please assign a bunch for python, >java, tomcat etc. pp. > >-- >Hanno Böck mail/jabber: hanno@...eck.de >GPG: BBB51E42 http://www.hboeck.de/ I am going to defer this to Steve/etc, as I had nothing to do with the original CVE assignments so I have no idea (maybe they got assigned but not published? Not assigned yet due to split/merge issues? not assigned due to other reasons?). -- Kurt Seifried / Red Hat Security Repsonse Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.