CVE-2009-3297 clarification needed - samba/fuse/ncpfs symlinks

["Steven M. Christey" <coley () linus mitre org>]

Regarding these bug reports:

https://bugzilla.redhat.com/show_bug.cgi?id=532940
https://bugzilla.redhat.com/show_bug.cgi?id=558833
https://bugzilla.samba.org/show_bug.cgi?id=6853

It seems that a separate CVE should be assigned for samba, fuse, and 
ncpfs, since these are all distinct codebases.

Since the Samba bug report says that Debian assigned CVE-2009-3297 to the 
Samba part, it looks like two new CVEs are needed, one for fuse and one 
for ncpfs.

Am I missing something here?


Thanks,
Steve