oss-sec mailing list archives

Re: CVE=2015-1234 disambiguation

From: Justin Burke <jburke () tanium com>
Date: Wed, 10 Jun 2015 10:34:33 -0700

Vasyl, I suspect the original reporter self-generated the CVE number.

Justin
On Jun 10, 2015 7:54 AM, "Vasyl Kaigorodov" <vkaigoro () redhat com> wrote:

Hello,

I've spotted this on fulldisclosure mailing list today:
http://seclists.org/fulldisclosure/2015/Jun/17

It says CVE-2015-1234 was assigned to that issue, which I think is
wrong, because this same CVE was mentioned by Google in their Chrome
update in April 2015 [1]
http://googlechromereleases.blogspot.cz/2015/04/stable-channel-update.html

Can someone sched some light here?
Explicitely added cve-assign, and Justin Burke (fuldisclosure post
author).

Thanks.
--
Vasyl Kaigorodov | Red Hat Product Security
PGP:  0xABB6E828 A7E0 87FF 5AB5 48EB 47D0 2868 217B F9FC ABB6 E828
Free/Busy status: https://url.corp.redhat.com/vk-free-busy-status

Come talk to Red Hat Product Security at the Summit!
Red Hat Summit 2015 - https://www.redhat.com/summit/

Current thread:

CVE=2015-1234 disambiguation Vasyl Kaigorodov (Jun 10)
- Re: CVE=2015-1234 disambiguation Justin Burke (Jun 10)