Re: [oss-security] CVE request: vulnerability in FreeRADIUS (OCSP)

On Tue, 19 Jul 2011 12:19:57 +0200 dfncert@dfn-cert.de wrote:

> Are the published information sufficient to get a CVE number for the
> issue?

Was your intention to request a CVE for a still-to-remain-non-public
issue to be disclosed in the future, or actually make the issue public?

I'm CCing upstream (Alan DeKok), as it seems this thread may be giving
out more info than expected. Alan, this is part of the following
discussion:

http://thread.gmane.org/gmane.comp.security.oss.general/5489

-- Tomas Hoger / Red Hat Security Response Team

• This message: [ Message body ]
• Next message: Solar Designer: "Re: [oss-security] CVE request: vulnerability in FreeRADIUS (OCSP)"
• Previous message: Jan Lieskovsky: "[oss-security] CVE Request -- Wireshark: Infinite loop in the ANSI A Interface (IS-634/IOS) dissector"
• In reply to: dfncert_at_nospam: "Re: [oss-security] CVE request: vulnerability in FreeRADIUS (OCSP)"
• Next in thread: dfncert_at_nospam: "Re: [oss-security] CVE request: vulnerability in FreeRADIUS (OCSP)"
• Reply: dfncert_at_nospam: "Re: [oss-security] CVE request: vulnerability in FreeRADIUS (OCSP)"

• Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]