[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] MySQL CVEs (was: Security vulnerability in MySQL/MariaDB sql/password.c)
From: Tomas Hoger <thoger () redhat ! com>
Date: 2012-06-27 11:47:05
Message-ID: 20120627134705.4688e5a0 () redhat ! com
[Download RAW message or body]
On Mon, 18 Jun 2012 18:50:01 +0200 Tomas Hoger wrote:
> Additionally, following bugs try to collect info on MySQL security
> fixes in the last released and an upcoming Oracle CPU:
>
> https://bugzilla.redhat.com/show_bug.cgi?id=832477
> https://bugzilla.redhat.com/show_bug.cgi?id=832540
>
> It would be nice if Oracle could confirm the mapping between CVEs and
> particular issues to avoid any incorrect guesses.
I was really hoping to see some comments form Oracle security team and
an explicit confirmation of the correct CVE guesses. Is there a good
reason why CVE mapping for public issues can not be provided?
Thank you!
--
Tomas Hoger / Red Hat Security Response Team
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic