From: Kurt Seifried [mailto:kseifried () redhat com]
Sent: Wednesday, March 20, 2013 5:05 AM
To: oss-security () lists openwall com
Cc: Henri Salo; larry0 () me com; Christey, Steven M.
Subject: Re: [Red Hat - Possible Forgery] Re: [oss-security] Ruby CVEs
-----BEGIN PGP SIGNED MESSAGE-----
On 03/20/2013 02:43 AM, Kurt Seifried wrote:
Argh I didn't pay attention to Larry's previous emails where he listed
the CVE's assigned:
http://www.osvdb.org/show/osvdb/91232 fastreader CVE-2013-2615
http://www.osvdb.org/show/osvdb/91231 MiniMagic CVE-2013-2616
http://www.osvdb.org/show/osvdb/91230 Curl CVE-2013-2617
Please don't send requests to oss-sec if you already sent a request to
Mitre/anyone else. Also I don't seem to have these in my emails from
Mitre (to VIM list or anywhere else)?
These 4 are all the ";" URL parsing issues ny larry0 () me com
Please use CVE-2013-1875 for this issue.
Did this one get a CVE from Mitre?
http://direct.osvdb.org/show/osvdb/91232 fastreader gem
Please use CVE-2013-1876 for this issue.
Please reject, use CVE-2013-2615 instead
http://direct.osvdb.org/show/osvdb/91231 MiniMagic gem
Please use CVE-2013-1877 for this issue.
Please reject, use CVE-2013-2616 instead
http://direct.osvdb.org/show/osvdb/91230 Curl gem
Please use CVE-2013-1878 for this issue.
Please reject, use CVE-2013-2617 instead