oss-sec mailing list archives
Re: CVE Request - xlockmore 5.43 fixes a security flaw
From: "mancha" <mancha1 () hush com>
Date: Tue, 16 Jul 2013 21:17:56 +0000
On Tue, 16 Jul 2013 20:18:06 +0000 "Kurt Seifried" wrote:
To reiterate: so I can confirm CVE assignments, and prevent duplicate assignments you *MUST* provide links to the code commits/vulnerable code.
People need to start making better CVE requests, or you're not going to get CVEs from me.
I am relatively new at CVE requests so I am learning-by-doing. I must have missed the original comment you feel you're re-iterating to me. Relevant code can be found here: [1] http://sourceforge.net/projects/miscellaneouspa/files/glibc217/xlock more-5.42-glibc217-crypt.diff Upstream doesn't appear to have a public version control repo which is why I didn't post link(s) to commit(s). I mistakenly thought their changelog annoucement would be enough. I enjoy contributing time to the community via code submissions and by making flaws/fixes known to vendors via this list. I just hope they don't all have to raise my blood pressure in the future. --mancha
Current thread:
- CVE Request - xlockmore 5.43 fixes a security flaw mancha (Jul 16)
- Re: CVE Request - xlockmore 5.43 fixes a security flaw Kurt Seifried (Jul 16)
- <Possible follow-ups>
- Re: CVE Request - xlockmore 5.43 fixes a security flaw mancha (Jul 16)
- Re: CVE Request - xlockmore 5.43 fixes a security flaw Kurt Seifried (Jul 18)
- Re: CVE Request - xlockmore 5.43 fixes a security flaw mancha (Jul 18)
- Re: CVE Request - xlockmore 5.43 fixes a security flaw Kurt Seifried (Jul 18)