Date: Tue, 03 Dec 2013 21:50:31 -0600 From: Jamie Strandboge <jamie@...onical.com> To: oss-security@...ts.openwall.com, kseifried@...hat.com Subject: Duplicate OpenStack CVEs for Horizon? Hi, I was looking at https://bugs.launchpad.net/ossa/+bug/1247675 and it looks like upstream Horizon got CVE-2013-6406 assigned (referenced in the bug). http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730752 also references this Launchpad bug, but does not reference a CVE. Secunia http://secunia.com/advisories/55770 references CVE-2013-6406. https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6858 references the Launchpad bug and the Secunia advisory, but has a different CVE. The only reference I found to CVE-2013-6858 was the RedHat bug. Is CVE-2013-6858 simply a duplicate of CVE-2013-6406 or were these supposed to be split out for some reason? Thanks -- Jamie Strandboge http://www.ubuntu.com/ Download attachment "signature.asc" of type "application/pgp-signature" (902 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.