Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 4 Oct 2016 20:01:21 +0200
From: Hanno Böck <>
To: Steve Richert <>
Subject: CVE request for code execution via gem name collission in bundler
 (was Re: CVE Request)


For readability of this mailing list I think it should be good practice
to say something meaningful in the subject.
We have tons of CVE requests here all the time, therefore "CVE Request"
is not meaningful.

I'm not the maintainer of this mailing list, but I'm sure everyone
agrees that something mentioning the name of the affected product and a
short indication of what kind of bug it is would be apprechiated.

Hanno Böck

GPG: FE73757FA60E4E21B937579FA5880072BBB51E42

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.