oss-sec mailing list archives
Re: Duplicate OpenStack CVEs for Horizon?
From: Kurt Seifried <kseifried () redhat com>
Date: Tue, 03 Dec 2013 21:08:40 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 12/03/2013 08:50 PM, Jamie Strandboge wrote:
Hi, I was looking at https://bugs.launchpad.net/ossa/+bug/1247675 and it looks like upstream Horizon got CVE-2013-6406 assigned (referenced in the bug). http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730752 also references this Launchpad bug, but does not reference a CVE. Secunia http://secunia.com/advisories/55770 references CVE-2013-6406. https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6858 references the Launchpad bug and the Secunia advisory, but has a different CVE. The only reference I found to CVE-2013-6858 was the RedHat bug. Is CVE-2013-6858 simply a duplicate of CVE-2013-6406 or were these supposed to be split out for some reason? Thanks
It would appear I missed Mitre's assignment of CVE-2013-6406 (it was assigned 11-23, I assigned mine 11-28, confirmed I got the email, sigh, my bad). So a clear duplicate, please REJECT CVE-2013-6406 as it is a duplicate of CVE-2013-6858. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (GNU/Linux) iQIcBAEBAgAGBQJSnqrIAAoJEBYNRVNeJnmTT9QP/1MUTokTJ3un3qtZGDPxUL6D NyLPCAREGnzD/eHujN6fxr4svQrZHes6qOnPZh3qul08PpXfdqzAtvLVbGGawA/X eR05TDzCdRtzlecwF0mUrNi+fgcCPueBZrvUBmO68DltOBoRzfLMJmVqbQh52Ex2 ErvakEptJ7EV7wxZ0Un851+izR8+rYbNzFld9pZ/zfWxMuaz9o+kYk86NHKJdTTw AXuXyfxunUE6tcTEociRfeFdLVfqqcLpzCLsNbSkrzEConqY6AGoO5AIkN1MEJ1d gL0IjOViOk9MHEJsqJAif8bhuX508I0RDc2+kF6RkWja7I+zq0+Z7Uj4g8XDV89F mLK0SdF70PJxgu4yFz144WEmy0xwz+VFM2JS0P+MvDYG5AhQetnIpXf61Xv9nb5G bJc79VnZ3lLKS16GPJHnQp/B43ndf5pCgW/vPTCeCS0A+zcko5xCIPurSnE3knE8 ElxsQJUMGfZyMh1UYY+Pr5LwfWmZKNru6GqqXxLGD1wkNnErEgvicBqfW/nRM8Zl 66vy0kZpOhFkYaD/mIicKc2gXU5dCrvNyohW+K/sWwqi0VKcjIe9hZCE683gBEU4 wcIx4y9JrO6J9zuZaXXAoWl0ZUkHr7l88FEbWYxF03JDdzNbivgYWcX37HdxilUO d9jUoV28XQs2xPQby5A/ =tMnO -----END PGP SIGNATURE-----
Current thread:
- Duplicate OpenStack CVEs for Horizon? Jamie Strandboge (Dec 03)
- Re: Duplicate OpenStack CVEs for Horizon? Kurt Seifried (Dec 03)