oss-sec mailing list archives
znc id: CVE-2010-2448 or CVE-2010-2488?
From: Raphael Geissert <geissert () debian org>
Date: Tue, 13 Jul 2010 19:12:17 -0500
Hi, Some weeks ago I requested an id for a null pointer dereference in ZNC. Josh assigned CVE-2010-24*8*8. Because of a typo, the CVE id referenced in the DSA I released was CVE-2010-24*4*8 [1] (previously assigned by Steven to a gitolite issue, SA39587.) I updated our tracker as soon as I noticed the typo. However, in the last batch of CVE updates, the znc issue appeared with the incorrect id (i.e. CVE-2010-24*4*8.) VUPEN and SecurityFocus already picked up the wrong id. How should we proceed? I would like to apologise for the inconvenience. [1]http://www.openwall.com/lists/oss-security/2010/06/24/5 Kind regards, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net
Current thread:
- znc id: CVE-2010-2448 or CVE-2010-2488? Raphael Geissert (Jul 13)