oss-sec mailing list archives

CVE Request: patch: CVE needed for incomplete fix for CVE-2015-1196?

From: Salvatore Bonaccorso <carnil () debian org>
Date: Sat, 24 Jan 2015 11:21:02 +0100

Hi,

It was reported that the fix for CVE-2015-1196 was incomplete. It was
reported to the Debian BTS as #775901[1] and as well mentioned in Red
Hat's Bugzilla at [2].

Does this need a separate CVE?

 [1] https://bugs.debian.org/775901
 [2] https://bugzilla.redhat.com/show_bug.cgi?id=1182154#c10

Regards,
Salvatore

Current thread:

CVE Request: patch: CVE needed for incomplete fix for CVE-2015-1196? Salvatore Bonaccorso (Jan 24)
- Re: CVE Request: patch: CVE needed for incomplete fix for CVE-2015-1196? cve-assign (Jan 28)