oss-sec mailing list archives

Re: CVE id request: newsbeuter

From: "Steven M. Christey" <coley () linus mitre org>
Date: Thu, 4 Sep 2008 13:02:11 -0400 (EDT)


On Thu, 4 Sep 2008, Nico Golde wrote:

Please use version 1.2 here as the fix for 1.1 was
incomplete.


Our interpretation was that 1.1 fixes the vulnerability, but a
non-security bug forced the release of 1.2.  So 1.1, while perhaps
unusable in practice, was safe from the vuln.

Was that an incorrect interpretation?

- Steve

Current thread:

CVE id request: newsbeuter Nico Golde (Sep 01)
- Re: CVE id request: newsbeuter Nico Golde (Sep 02)
- Re: CVE id request: newsbeuter Steven M. Christey (Sep 04)
  - Re: CVE id request: newsbeuter Nico Golde (Sep 04)
    - Re: CVE id request: newsbeuter Steven M. Christey (Sep 04)
    - Re: CVE id request: newsbeuter Nico Golde (Sep 04)