Date: Fri, 23 Oct 2015 23:53:04 +0200 From: Florian Weimer <fweimer@...hat.com> To: oss-security@...ts.openwall.com Subject: Re: Re: Duplicate CVE: CVE-2015-7703 in NTP On 10/23/2015 06:39 PM, Kurt Seifried wrote: > I'm going to also ensure we communicate our CVE's to upstreams, I could > swear we did in this case but I can't find a specific artifact (e.g. sent > email) of doing so from myself (but quite often I just assign the CVE and > other people are handling the issue so that wouldn't be to abnormal) so I'm > going to go on the assumption we failed to do so properly and update our > process as well to ensure we do. This is not the case. <security@....org> was notified on 2015-08-20. As the flaws were of low impact and there was no reaction, we disclosed the issues here: <http://openwall.com/lists/oss-security/2015/08/25/3> I don't know what else we can do to avoid duplicates. Florian
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.