znc id: CVE-2010-2448 or CVE-2010-2488?

[Raphael Geissert <geissert () debian org>]

Hi,

Some weeks ago I requested an id for a null pointer dereference in ZNC.
Josh assigned CVE-2010-24*8*8.

Because of a typo, the CVE id referenced in the DSA I released was 
CVE-2010-24*4*8 [1] (previously assigned by Steven to a gitolite issue, 
SA39587.) I updated our tracker as soon as I noticed the typo.

However, in the last batch of CVE updates, the znc issue appeared with the 
incorrect id (i.e. CVE-2010-24*4*8.)

VUPEN and SecurityFocus already picked up the wrong id.

How should we proceed?

I would like to apologise for the inconvenience.

[1]http://www.openwall.com/lists/oss-security/2010/06/24/5

Kind regards,
-- 
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net