Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20160327113443.GA4418@eldamar.local>
Date: Sun, 27 Mar 2016 13:34:43 +0200
From: Salvatore Bonaccorso <carnil@...ian.org>
To: oss-security@...ts.openwall.com
Cc: "cve-assign@...re.org >> Assign a CVE Identifier" <cve-assign@...re.org>
Subject: Re: older fuseiso stuff

Hi,

On Mon, Feb 23, 2015 at 10:24:14AM +0100, Florian Weimer wrote:
> On 02/07/2015 12:17 AM, Kurt Seifried wrote:
> > https://bugzilla.redhat.com/show_bug.cgi?id=863102 
> > https://bugzilla.redhat.com/show_bug.cgi?id=863091
> > 
> > may warrant a CVE
> 
> I opened up the dependent bugs which have more information:
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=861358
> https://bugzilla.redhat.com/show_bug.cgi?id=862211
> 
> Note that fuseiso is fairly broken and does not even support UDF, so
> its usefulness is limited.  Newer systems have the unprivileged image
> mounting functionality provided by udisks2, so a userspace
> implementation of the ISO 9660 and UDF file systems is no longer needed.

Can two CVEs still be assigned for this issue to have an identifier
for the issues?

Regards,
Salvatore

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.