oss-sec mailing list archives

CVE-2012-2639 reject request (duplicate of CVE-2011-4940)


From: Jan Lieskovsky <jlieskov () redhat com>
Date: Tue, 26 Jun 2012 14:44:48 +0200

Hello Steve, vendors,

  due to the recently assigned CVE-2012-2639:

======================================================
Name: CVE-2012-2639
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2639
Final-Decision:
Interim-Decision:
Modified:
Proposed:
Assigned: 20120514
Category:
Reference: CONFIRM:http://bugs.python.org/issue11442
Reference: JVN:JVN#51176027
Reference: URL:http://jvn.jp/en/jp/JVN51176027/index.html
Reference: JVNDB:JVNDB-2012-000063
Reference: URL:http://jvndb.jvn.jp/jvndb/JVNDB-2012-000063

The list_directory function in Lib/SimpleHTTPServer.py in
SimpleHTTPServer in Python before 2.5.6c1, 2.6.x before 2.6.7 rc2, and
2.7.x before 2.7.2 does not place a charset parameter in the
Content-Type HTTP header, which makes it easier for remote attackers
to conduct cross-site scripting (XSS) attacks against Internet
Explorer 7 via UTF-7 encoding.


Could you reject it? (as it is a duplicate of CVE-2011-4940):

https://bugzilla.redhat.com/show_bug.cgi?id=835496#c2
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4940
http://www.openwall.com/lists/oss-security/2012/03/15/1

Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team
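
A regression check for the behaviour the CVE description above covers, added here as an example and not part of the original message or of Python's own test suite: it requests a directory listing from the running interpreter's `http.server` (the Python 3 successor to `SimpleHTTPServer`) over loopback and reports whether the `Content-Type` header carries a charset parameter. The function and class names are hypothetical, and Python 3.7 or later is assumed.

```python
import functools
import http.client
import http.server
import tempfile
import threading
from email.message import Message


def html_missing_charset(content_type):
    """True if the header value is text/html with no charset parameter."""
    msg = Message()
    msg["Content-Type"] = content_type
    return (msg.get_content_type() == "text/html"
            and msg.get_content_charset() is None)


class QuietHandler(http.server.SimpleHTTPRequestHandler):
    """Hypothetical helper: same handler, without per-request logging."""

    def log_message(self, format, *args):
        pass


def listing_content_type():
    """Serve an empty temp directory on loopback; return the listing's Content-Type."""
    with tempfile.TemporaryDirectory() as root:
        handler = functools.partial(QuietHandler, directory=root)
        server = http.server.HTTPServer(("127.0.0.1", 0), handler)
        threading.Thread(target=server.serve_forever, daemon=True).start()
        try:
            conn = http.client.HTTPConnection(
                "127.0.0.1", server.server_port, timeout=5)
            conn.request("GET", "/")  # a directory with no index.html -> list_directory
            resp = conn.getresponse()
            resp.read()
            value = resp.getheader("Content-Type", "")
            conn.close()
            return value
        finally:
            server.shutdown()
            server.server_close()


if __name__ == "__main__":
    header = listing_content_type()
    verdict = "MISSING charset" if html_missing_charset(header) else "ok"
    print("Content-Type: %s -> %s" % (header, verdict))
```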

