Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <4B4AECA3.40009@redhat.com>
Date: Mon, 11 Jan 2010 10:17:23 +0100
From: Jan Lieskovsky <jlieskov@...hat.com>
To: "Steven M. Christey" <coley@...us.mitre.org>
CC: oss-security <oss-security@...ts.openwall.com>,
        Alan T DeKok <aland@...eradius.org>,
        Evgeny Legerov <admin@...evydis.com>
Subject: FreeRadius 1.1.7 CVE-2009-4481 being duplicate of CVE-2009-3111

Hello Steve, Alan, Evgeny, vendors,

   this is due:

     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4481 being dupe CVE of
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3111

This was already discussed here:
     http://www.openwall.com/lists/oss-security/2009/09/09/1
     http://www.openwall.com/lists/oss-security/2009/09/09/4
     http://www.openwall.com/lists/oss-security/2009/09/09/5

Alan has confirmed in his reply with Message ID: <4AA7EFB6.5070609@...eradius.org>
(you should have it in you mbox, oss-security wasn't Cc-ed there), that it is the
same issue, as mentioned on intervydis.com.

And also Evgeny was so kind and updated intevydis.com page [1] to reflect
CVE-2009-3111 for FreeRADIUS DoS:

[1] http://intevydis.com/vd-list.shtml

Thanks && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.