[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE request: ghostscript
From:       Josh Bressers <bressers () redhat ! com>
Date:       2010-07-12 18:33:49
Message-ID: 188876289.142981278959629700.JavaMail.root () zmail01 ! collab ! prod ! int ! phx2 ! redhat ! com
[Download RAW message or body]

----- "Marc Deslauriers" <marc.deslauriers@canonical.com> wrote:

> On Mon, 2010-07-12 at 11:00 -0600, Vincent Danen wrote:
> > * [2010-07-12 12:48:35 -0400] Dan Rosenberg wrote:
> > 
> > >I believe this is identical to CVE-2010-1869
> > >(http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2010-1869).
> > 
> > They don't look identical to me.  Patches differ, upstream bugs differ.
> > 
> > Can't really do anything hands-on to test since the PoC attached to the
> > upstream bug is private.
> 
> The reproducer for CVE-2010-1869 does trigger it on 8.64 for me, but I
> would consider it a separate issue.
> 

We'll give it a seperate CVE id, it seems to be a different issue.

As it's from 2009:

Use CVE-2009-4897

Thanks.

-- 
    JB
[prev in list] [next in list] [prev in thread] [next in thread]