oss-sec mailing list archives
Re: CVE UnRequest (minor) -- Pidgin / libpurple -- Cipher API information disclosure
From: Jan Lieskovsky <jlieskov () redhat com>
Date: Mon, 21 Mar 2011 15:59:30 +0100
Hello vendors, Jan Lieskovsky wrote:
Hello Josh, Steve, vendors, the following: [1] http://pidgin.im/news/security/?id=50 Upstream patch:[2] http://developer.pidgin.im/viewmtn/revision/info/16f4c309528b82961b169edb8b74b9061db6c471Doesn't seem to have a CVE identifier yet. Could you allocate one?
John clarified in a reply to my post:
Jan, FYI, we didn't request one because we believed it did not meet the guidelines for assignment of a CVE identifier. It's a local-only information disclosure and can't be remotely exploited. John
So ignore my earlier post / request. Thanks && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Response Team
Current thread:
- CVE Request (minor) -- Pidgin / libpurple -- Cipher API information disclosure Jan Lieskovsky (Mar 21)
- Re: CVE UnRequest (minor) -- Pidgin / libpurple -- Cipher API information disclosure Jan Lieskovsky (Mar 21)
- Local memory disclosure (was: libpurple CVE UnRequest) Steven M. Christey (Mar 21)
- Re: Local memory disclosure (was: libpurple CVE UnRequest) Steve Grubb (Mar 21)
- Local memory disclosure (was: libpurple CVE UnRequest) Steven M. Christey (Mar 21)
- Re: CVE UnRequest (minor) -- Pidgin / libpurple -- Cipher API information disclosure Jan Lieskovsky (Mar 21)