oss-sec mailing list archives

Re: CVE-2012-2248: isc-dhcp, Debian-specific: build path included in PATH

From: Moritz Muehlenhoff <jmm () debian org>
Date: Thu, 18 Oct 2012 22:35:31 +0200

Hi Kurt,
Issues only affecting testing/unstable should always be assigned a CVE ID
nonetheless. The Debian ecosystem is much more than stable alone:
There is a great deal of derivative distributions [1], which import packages
from Debian testing/unstable and having a CVE ID is a convenient way to
track whether they are affected.

[1] http://wiki.debian.org/Derivatives/Census

Cheers,
        Moritz

Current thread:

CVE-2012-2248: isc-dhcp, Debian-specific: build path included in PATH Raphael Geissert (Oct 15)
- Re: CVE-2012-2248: isc-dhcp, Debian-specific: build path included in PATH Kurt Seifried (Oct 17)
  - Re: CVE-2012-2248: isc-dhcp, Debian-specific: build path included in PATH Michael Gilbert (Oct 17)
    - Re: CVE-2012-2248: isc-dhcp, Debian-specific: build path included in PATH Kurt Seifried (Oct 17)
    - Re: CVE-2012-2248: isc-dhcp, Debian-specific: build path included in PATH Michael Gilbert (Oct 17)
    - Re: CVE-2012-2248: isc-dhcp, Debian-specific: build path included in PATH Kurt Seifried (Oct 17)
    - Re: CVE-2012-2248: isc-dhcp, Debian-specific: build path included in PATH Michael Gilbert (Oct 18)
    - Re: CVE-2012-2248: isc-dhcp, Debian-specific: build path included in PATH Kurt Seifried (Oct 18)
    - Re: CVE-2012-2248: isc-dhcp, Debian-specific: build path included in PATH Michael Gilbert (Oct 18)
    - Re: CVE-2012-2248: isc-dhcp, Debian-specific: build path included in PATH Henri Salo (Oct 18)
    - Re: CVE-2012-2248: isc-dhcp, Debian-specific: build path included in PATH Moritz Muehlenhoff (Oct 18)
    - Re: CVE-2012-2248: isc-dhcp, Debian-specific: build path included in PATH Tim Brown (Oct 20)