Home page logo

oss-sec logo oss-sec mailing list archives

Re: CVE-2012-2248: isc-dhcp, Debian-specific: build path included in PATH
From: Moritz Muehlenhoff <jmm () debian org>
Date: Thu, 18 Oct 2012 22:35:31 +0200

Hi Kurt,
Issues only affecting testing/unstable should always be assigned a CVE ID
nonetheless. The Debian ecosystem is much more than stable alone:
There is a great deal of derivative distributions [1], which import packages
from Debian testing/unstable and having a CVE ID is a convenient way to
track whether they are affected.

[1] http://wiki.debian.org/Derivatives/Census


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]