|
Message-ID: <CAA7hUgEJ4RjDX_B+nUhDRT7F+Ju-VKeB9VU=6p6KY-dcdKnQTg@mail.gmail.com> Date: Tue, 17 Sep 2013 10:30:38 +0200 From: Raphael Geissert <geissert@...ian.org> To: Kurt Seifried <kseifried@...hat.com>, Florian Weimer <fweimer@...hat.com> Cc: oss-security@...ts.openwall.com Subject: Re: Re: CVE Request: glibc getaddrinfo() stack overflow On 17 September 2013 04:27, Kurt Seifried <kseifried@...hat.com> wrote: > I prefer things to be explicit rather than assumed =). > Please use CVE-2013-4357 for this issue. What exactly is that id meant to cover? do you have commit references for the issue (singular)? (also note that glibc#12671 is from 2011) Or is the whole bunch of patches from extend_alloca supposed to be CVE-noisy^Wworthy? Cheers, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.