oss-sec mailing list archives

Duplicate OpenStack CVEs for Horizon?

From: Jamie Strandboge <jamie () canonical com>
Date: Tue, 03 Dec 2013 21:50:31 -0600


Hi,

I was looking at https://bugs.launchpad.net/ossa/+bug/1247675 and it looks like
upstream Horizon got CVE-2013-6406 assigned (referenced in the bug).

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730752 also references this
Launchpad bug, but does not reference a CVE.

Secunia http://secunia.com/advisories/55770 references CVE-2013-6406.

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6858 references the
Launchpad bug and the Secunia advisory, but has a different CVE. The only
reference I found to CVE-2013-6858 was the RedHat bug.

Is CVE-2013-6858 simply a duplicate of CVE-2013-6406 or were these supposed to
be split out for some reason?

Thanks

-- 
Jamie Strandboge                 http://www.ubuntu.com/

Attachment: signature.asc
Description: OpenPGP digital signature

Current thread:

Duplicate OpenStack CVEs for Horizon? Jamie Strandboge (Dec 03)
- Re: Duplicate OpenStack CVEs for Horizon? Kurt Seifried (Dec 03)