Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 16 Feb 2011 19:37:42 +0100
From: Moritz Muehlenhoff <jmm@...ian.org>
To: oss-security@...ts.openwall.com
Cc: "Steven M. Christey" <coley@...us.mitre.org>
Subject: Re: CVE request - kernel: bridge br_multicast NULL
	pointer dereference

On Wed, Feb 16, 2011 at 08:44:08AM -0500, Josh Bressers wrote:

> > (2.6.34-rc1), the check was removed in 8ef2a9a5 (v2.6.35-rc1), and
> > subsequently restored in 7f285fa78d (v2.6.35-rc5).
> > 
> 
> Please use CVE-2011-0709.

I don't think it makes sense to assign CVE IDs to issues, which only
occured in development snapshots?

This wasn't done in the past and it creates needless overhead.

Cheers,
        Moritz

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.