Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 01 Aug 2014 07:47:53 -0700
From: Ben Reser <ben@...er.org>
To: Marcus Meissner <meissner@...e.de>, 
 OSS Security List <oss-security@...ts.openwall.com>
Subject: Re: Possible CVE request: subversion MD5 collision authentication
 leak

On 8/1/14 3:12 AM, Marcus Meissner wrote:
> The subversion list has fixed a md5 collision attack possibility.
> 
> http://mail-archives.apache.org/mod_mbox/subversion-dev/201407.mbox/%3C53DAB4A7.8030004%40reser.org%3E
> 
> http://svn.apache.org/r1550691
> http://svn.apache.org/r1550772
> 
> The referenced E-Mail speaks about CVE request, so not sure who will assign
> one.

Already got one (the request was directed at security@...che.org who hand them
out to us): CVE-2014-3528.

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.