Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20111230112656.5c9df449@redhat.com>
Date: Fri, 30 Dec 2011 11:26:56 +0100
From: Tomas Hoger <thoger@...hat.com>
To: oss-security@...ts.openwall.com, hanno@...eck.de
Cc: Andrea Barisani <lcars@...rt.org>
Subject: Re: More CVEs? (was Re: 
 [oCERT-2011-003] multiple implementations denial-of-service via hash
 algorithm collision)

On Thu, 29 Dec 2011 13:13:42 +0100 Hanno Böck wrote:

> Am Wed, 28 Dec 2011 19:07:30 +0100
> schrieb Andrea Barisani <lcars@...rt.org>:

> > CVE: CVE-2011-4461 (Jetty), CVE-2011-4838 (JRuby), CVE-2011-4885
> > (PHP), CVE-2011-4462 (Plone), CVE-2011-4815 (Ruby)
> 
> Kurt or other CVE assigners, can you please assign a bunch for python,
> java, tomcat etc. pp.

Few already assigned:

ASP.NET
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3414

Apache Geronimo
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-5034

Oracle Glassfish
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-5035

Rack
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-5036

Google V8
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-5037

-- 
Tomas Hoger / Red Hat Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.