oss-sec mailing list archives
Re: CVE Request -- NDB: CVE-2005-3534 reintroduced in upstream nbd-v2.9.0 version
From: Josh Bressers <bressers () redhat com>
Date: Mon, 31 Jan 2011 16:24:09 -0500 (EST)
Please use CVE-2011-0530. Thanks. -- JB ----- Original Message -----
Hello Josh, Steve, vendors, Originally, CVE-2005-3534: [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3534 has been assigned to NBD and addressed in nbd-v2.8.3 version: [2] http://sourceforge.net/project/shownotes.php?release_id=380202&group_id=13229 via changeset: [3] https://github.com/yoe/nbd/commit/4ed24fe0d64c7cc9963c57b52cad1555ad7c6b60 But nbd-v2.9.0: [4] http://sourceforge.net/projects/nbd/files/nbd/2.9.0/ contains the issue again. This flaw was fixed second time via upstream changeset: [5] https://github.com/yoe/nbd/commit/3ef52043861ab16352d49af89e048ba6339d6df8 References: [6] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=611187 [7] https://bugzilla.redhat.com/show_bug.cgi?id=673562 Could you allocate a CVE id for this? Thanks && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team
Current thread:
- CVE Request -- NDB: CVE-2005-3534 reintroduced in upstream nbd-v2.9.0 version Jan Lieskovsky (Jan 28)
- Re: CVE Request -- NDB: CVE-2005-3534 reintroduced in upstream nbd-v2.9.0 version Josh Bressers (Jan 31)