Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 11 Dec 2013 23:56:36 -0500 (EST)
From: cve-assign@...re.org
To: mmcallis@...hat.com
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE request: devscripts (uscan) command execution flaw

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

shell metacharacters in
>newfangled debian/copyright-driven repacking

Use CVE-2013-7050.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJSqUHQAAoJEKllVAevmvmstv8IAL+PGA94uA3UM4SCWJ/6LXp1
ysAg7LVK0GAryAu5z2u/mia1FLtYsjUlGsEDvHBQvjSIAeIQPmZ55bCo8F7liELK
ThrHJ/ruI/F2ceW0mCNJU6sCB3/hQfSIRnPUptVCNta16O/jqAMhBmUAn7VzaDl4
/7bigq53troroN5gHZmFOqP8e3hUuWBrGYU8n5jhZLp32dju60TuEMhUcgeN0QDN
zquFqGr6ek3FXuwPiIWHyAIedKshC5XUSqLh4x6zGuvkMTzUZ80CHM5lno+jBGOZ
oX1h+XyyaoxBUgfxCQwKK4inkG/nabJq9vmtribRNhuvZLYbTOl4OxcYEnzjoWI=
=9Dq3
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.