Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 18 Oct 2013 14:16:31 -0700
From: Forest Monsen <forest.monsen@...il.com>
To: Henri Salo <henri@...v.fi>
Cc: "security@...pal.org" <security@...pal.org>, oss-security@...ts.openwall.com
Subject: Re: CVE duplicates SA-CONTRIB-2013-075

On Sat, Oct 5, 2013 at 4:10 AM, Henri Salo <henri@...v.fi> wrote:

> Advisory https://drupal.org/node/2087055 says:
>
> CVE-2013-4381 (XSS)
> CVE-2013-4382 (CSRF)
>
> Are these duplicate CVEs with CVEs below or is there something I am
> missing?
>

Henri, it certainly looks like these are duplicates. However, Kurt
facilitated CVE assignment in
http://www.openwall.com/lists/oss-security/2013/09/27/6 , so it's not clear
to me how the NVD catalogued different identifiers.

Best,
Forest

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.