Re: Bugzilla 3.7.1 CVE request

[Reed Loden <reed () reedloden com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, 6 Jul 2010 00:51:40 -0600
Kurt Seifried <kurt () seifried org> wrote:

> CVE # for this please.
>
> http://www.bugzilla.org/security/3.7.1/

This security issue only affects the 3.7 and 3.7.1 development
"snapshots" (basically, alpha/beta quality). It's highly unlikely that
any distro would be tracking this unstable version/branch, so is a CVE
really required? If so, Mozilla can assign one from its pool.

I usually deal with getting CVEs assigned for Bugzilla issues, and I
just didn't think this one required one... However, maybe I was
mistaken in that.

~reed
Mozilla Security Group

- -- 
Reed Loden - <reed () reedloden com>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkw0JKwACgkQa6IiJvPDPVrDPwCfax7OoqAr2Di+vZ0NQdXIrxZV
pFMAoLBKcbef1hSrDiyeRUm7bTCoCmZY
=EhY+
-----END PGP SIGNATURE-----