oss-sec mailing list archives

Re: CVE Request: patch: CVE needed for incomplete fix for CVE-2015-1196?

From: cve-assign () mitre org
Date: Tue, 27 Jan 2015 18:22:11 -0500 (EST)

Hi,

It was reported that the fix for CVE-2015-1196 was incomplete. It was
reported to the Debian BTS as #775901[1] and as well mentioned in Red
Hat's Bugzilla at [2].

Does this need a separate CVE?

[1] https://bugs.debian.org/775901
[2] https://bugzilla.redhat.com/show_bug.cgi?id=1182154#c10

Regards,
Salvatore


Use CVE-2015-1396.

---

CVE assignment team, MITRE CVE Numbering Authority M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]

Current thread:

CVE Request: patch: CVE needed for incomplete fix for CVE-2015-1196? Salvatore Bonaccorso (Jan 24)
- Re: CVE Request: patch: CVE needed for incomplete fix for CVE-2015-1196? cve-assign (Jan 28)