Dailydave mailing list archives

Re: DSU

From: Florian Weimer <fw () deneb enyo de>
Date: Wed, 12 Jul 2006 11:00:39 +0200

nice try but then how do you explain the following:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2448

in particular note the date of the CVE entry vs. that of the commit
and the obvious discrepancy between the two descriptions.


There is no discrepancy.  The commit message does not address the
security aspect at all.

something known to be as a security bug in May (hence the request
for the CVE entry) was committed with a rather non-descript message
next month.


The CVE name likely likely comes from a CNA pool.  In this case, the
assignment date has *nothing* to do with the discovery date.

i for one would really like to see what went on on vendor-sec or the
kernel security list regarding this bug.


Hey, a local DoS on a fringe architecture is not worth a conspiracy.
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

Current thread:

DSU Dave Aitel (Jul 11)
- Re: DSU pageexec (Jul 11)
  - Re: DSU Florian Weimer (Jul 12)
    - Re: DSU pageexec (Jul 12)
    - Re: DSU Florian Weimer (Jul 12)
    - Re: DSU pageexec (Jul 12)
    - Re: DSU TINNES Julien RD-MAPS-ISS (Jul 12)
- Re: DSU H D Moore (Jul 12)
  - Re: DSU TINNES Julien RD-MAPS-ISS (Jul 12)
- <Possible follow-ups>
- Re: DSU Rodrigo Rubira Branco (BSDaemon) (Jul 12)
- Re: DSU Steven M. Christey (Jul 26)