oss-sec mailing list archives
Re: Bugzilla 3.7.1 CVE request
From: Reed Loden <reed () reedloden com>
Date: Wed, 7 Jul 2010 01:54:35 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 6 Jul 2010 00:51:40 -0600 Kurt Seifried <kurt () seifried org> wrote:
CVE # for this please. http://www.bugzilla.org/security/3.7.1/
This security issue only affects the 3.7 and 3.7.1 development "snapshots" (basically, alpha/beta quality). It's highly unlikely that any distro would be tracking this unstable version/branch, so is a CVE really required? If so, Mozilla can assign one from its pool. I usually deal with getting CVEs assigned for Bugzilla issues, and I just didn't think this one required one... However, maybe I was mistaken in that. ~reed Mozilla Security Group - -- Reed Loden - <reed () reedloden com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAkw0JKwACgkQa6IiJvPDPVrDPwCfax7OoqAr2Di+vZ0NQdXIrxZV pFMAoLBKcbef1hSrDiyeRUm7bTCoCmZY =EhY+ -----END PGP SIGNATURE-----
Current thread:
- Bugzilla 3.7.1 CVE request Kurt Seifried (Jul 06)
- Re: Bugzilla 3.7.1 CVE request Reed Loden (Jul 06)
- Re: Bugzilla 3.7.1 CVE request Moritz Muehlenhoff (Jul 08)
- Re: Bugzilla 3.7.1 CVE request Reed Loden (Jul 06)