oss-sec mailing list archives

Duplicate Request: CVE-2013-4444 as a duplicate of CVE-2013-2185

From: Arun Babu Neelicattu <abn () redhat com>
Date: Wed, 17 Sep 2014 00:10:16 -0400 (EDT)

Recently Apache Tomcat issued an advisory [1] for CVE-2013-4444 [2]. However, this flaw was reported to the Apache 
Tomcat Security team last year. We were instructed that Apache Tomcat team did not consider this a vulnerability. Red 
Hat Product Security handled this issue as CVE-2013-2185 [3] in our affected products.

We request that CVE-2013-4444 be marked as a duplicate of CVE-2013-2185.

-arun

[1] http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.40
[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4444
[3] https://bugzilla.redhat.com/CVE-2013-2185

-- 
Arun Neelicattu / Red Hat Product Security
PGP: 0xC244393B 5229 F596 474F 00A1 E416  CF8B 36F5 5054 C244 393B

Current thread:

Duplicate Request: CVE-2013-4444 as a duplicate of CVE-2013-2185 Arun Babu Neelicattu (Sep 16)