oss-sec mailing list archives
Re: Re: Is CVE-2024-30203 bogus? (Emacs)
From: Sean Whitton <spwhitton () spwhitton name>
Date: Thu, 11 Apr 2024 17:13:26 +0800
Hello, On Wed 10 Apr 2024 at 04:17pm +02, Salvatore Bonaccorso wrote:
Note that the CVE assignment (by MITRE as assigning CNA) for CVE-2024-30203 is explicitly as follows:In Emacs before 29.3, Gnus treats inline MIME contents as trusted.associated with: https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29&id=937b9042ad7426acdcca33e3d931d8f495bdd804
This commit doesn't fix anything at all, just fyi.
If you think the CVE assignment is not valid, then you might ask for a REJECT on https://cveform.mitre.org/ .
Okay, I'll do that, thanks. -- Sean Whitton
Attachment:
signature.asc
Description:
Current thread:
- Is CVE-2024-30203 bogus? (Emacs) Sean Whitton (Apr 08)
- Re: Is CVE-2024-30203 bogus? (Emacs) Eli Zaretskii (Apr 08)
- Re: Is CVE-2024-30203 bogus? (Emacs) Max Nikulin (Apr 08)
- Re: Is CVE-2024-30203 bogus? (Emacs) Ihor Radchenko (Apr 08)
- Re: Is CVE-2024-30203 bogus? (Emacs) Sean Whitton (Apr 10)
- Re: Is CVE-2024-30203 bogus? (Emacs) Ihor Radchenko (Apr 10)
- Re: Re: Is CVE-2024-30203 bogus? (Emacs) Salvatore Bonaccorso (Apr 10)
- Re: Is CVE-2024-30203 bogus? (Emacs) Max Nikulin (Apr 10)
- Re: Is CVE-2024-30203 bogus? (Emacs) Sean Whitton (Apr 11)
- Re: Re: Is CVE-2024-30203 bogus? (Emacs) Sean Whitton (Apr 11)
- Re: Is CVE-2024-30203 bogus? (Emacs) Max Nikulin (Apr 11)
- Re: Is CVE-2024-30203 bogus? (Emacs) Sean Whitton (Apr 10)
- Re: Is CVE-2024-30203 bogus? (Emacs) Eli Zaretskii (Apr 08)