oss-sec mailing list archives
Re: CVE request for denial-of-service vulnerability in fcgi
From: Kurt Seifried <kseifried () redhat com>
Date: Fri, 06 Feb 2015 15:12:02 -0700
Just a note this needs a 2012 CVE: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681591 On 06/02/15 04:11 AM, Till Maas wrote:
Hi, there appears to be at least a denial-of-service vulnerability in fcgi: https://bugzilla.redhat.com/show_bug.cgi?id=1189958 Can someone pleas assign a CVE id to this, to make sure that other distributions notice this problem as well. Unfortunately it looks like fastcgi upstream now died, as their mailing list is not reachable anymore: http://mailman.fastcgi.com/mailman/listinfo/fastcgi-developers So if someone knows how to contact them, please forward them this information. Regards Till Maas
-- Kurt Seifried -- Red Hat -- Product Security -- Cloud PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- CVE request for denial-of-service vulnerability in fcgi Till Maas (Feb 06)
- Re: CVE request for denial-of-service vulnerability in fcgi Kurt Seifried (Feb 06)
- Re: CVE request for denial-of-service vulnerability in fcgi cve-assign (Feb 07)