oss-sec mailing list archives

Re: Three CVE requests: at-spi2-atk, as31, naxsi

From: "Steven M. Christey" <coley () rcf-smtp mitre org>
Date: Fri, 31 Aug 2012 13:00:01 -0400 (EDT)


On Fri, 6 Jul 2012, Kurt Seifried wrote:

2. Insecure tempfile handling in the as31 assembler
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=655496 Homepage:
http://wiki.erazor-zone.de/doku.php?id=wiki:projects:linux:as31


Please use CVE-2012-3379 for this issue.

This is a duplicate of CVE-2012-0808, assigned back in January (and alsorequested by Moritz ;-) CVE-2012-0808 has 20,000+ Google hits, has anestablished description, was assigned earlier, and has the same level ofauthoritative vendor references (i.e. bug reports). So, we will keep it.


So, REJECT CVE-2012-3379 as a duplicate of CVE-2012-0808.

- Steve

Current thread:

Three CVE requests: at-spi2-atk, as31, naxsi Moritz Muehlenhoff (Jul 05)
- Re: Three CVE requests: at-spi2-atk, as31, naxsi Kurt Seifried (Jul 06)
  - Re: Three CVE requests: at-spi2-atk, as31, naxsi Steven M. Christey (Aug 31)
    - Re: Three CVE requests: at-spi2-atk, as31, naxsi Kurt Seifried (Aug 31)