oss-sec mailing list archives
Re: CVE request: notmuch
From: Florian Weimer <fw () deneb enyo de>
Date: Mon, 05 Mar 2012 07:03:54 +0100
* Kurt Seifried:
Potentially stupid Q, why no CVE request from Debian? I'm happy to assign them, especially for stuff that qualifies for a DSA, it will almost certainly qualify for a CVE.
Based on our current agreement with MITRE, we can only assign names to issues which are not yet public. The fix for this notmuch issue was already released (and labeled as a potential security issue) when we were contacted.
Current thread:
- CVE request: notmuch Moritz Mühlenhoff (Mar 04)
- Re: CVE request: notmuch Kurt Seifried (Mar 04)
- Re: CVE request: notmuch Florian Weimer (Mar 04)
- Re: CVE request: notmuch Kurt Seifried (Mar 04)