oss-sec mailing list archives
Re: CVE request: lxr
From: Henri Salo <henri () nerv fi>
Date: Mon, 3 May 2010 18:25:23 +0300
On Mon, 3 May 2010 09:31:16 -0400 Dan Rosenberg <dan.j.rosenberg () gmail com> wrote:
I discovered and reported this bug at the same time as two other XSS issues, including the one covered by CVE-2009-4497. While the commit may be a few days apart for some of these, I think they can safely fall under the same CVE, unless it's standard practice to assign CVEs for each of several related minor issues.
Several XSS-vulnerabilities can have one CVE at least when those vulnerabilities are fixed at the same time. Can someone verify what is the policy by the book? --- Henri Salo
Current thread:
- CVE request: lxr Raphael Geissert (May 02)
- Re: CVE request: lxr Dan Rosenberg (May 03)
- Re: CVE request: lxr Henri Salo (May 03)
- Re: CVE request: lxr Josh Bressers (May 03)
- Re: CVE request: lxr Henri Salo (May 03)
- Re: CVE request: lxr Dan Rosenberg (May 03)
- Re: CVE request: lxr Henri Salo (May 03)
- Re: CVE request: lxr Steven M. Christey (May 06)
- Re: CVE request: lxr Dan Rosenberg (May 06)
- Re: CVE request: lxr Josh Bressers (May 14)
- Re: CVE request: lxr Dan Rosenberg (May 14)
- Re: CVE request: lxr Josh Bressers (May 14)
- Re: CVE request: lxr Dan Rosenberg (May 03)