Date: Fri, 01 Aug 2014 07:47:53 -0700 From: Ben Reser <ben@...er.org> To: Marcus Meissner <meissner@...e.de>, OSS Security List <oss-security@...ts.openwall.com> Subject: Re: Possible CVE request: subversion MD5 collision authentication leak On 8/1/14 3:12 AM, Marcus Meissner wrote: > The subversion list has fixed a md5 collision attack possibility. > > http://mail-archives.apache.org/mod_mbox/subversion-dev/201407.mbox/%3C53DAB4A7.8030004%40reser.org%3E > > http://svn.apache.org/r1550691 > http://svn.apache.org/r1550772 > > The referenced E-Mail speaks about CVE request, so not sure who will assign > one. Already got one (the request was directed at security@...che.org who hand them out to us): CVE-2014-3528.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.