Re: libvirt / CVE-2019-3886

To: Moritz Mühlenhoff <jmm@inutil.org>
Cc: Guido Günther <agx@sigxcpu.org>, debian-lts@lists.debian.org
Subject: Re: libvirt / CVE-2019-3886
From: Brian May <bam@debian.org>
Date: Mon, 15 Apr 2019 17:43:43 +1000
Message-id: <[🔎] 87imvfd87k.fsf@silverfish.pri>
In-reply-to: <[🔎] 20190411211811.GA14285@pisco.westfalen.local>
References: <[🔎] 87bm1hdjft.fsf@silverfish.pri> <[🔎] 20190408100108.GA10558@bogon.m.sigxcpu.org> <[🔎] 871s2bejhc.fsf@silverfish.pri> <[🔎] 20190411211811.GA14285@pisco.westfalen.local>

Moritz Mühlenhoff <jmm@inutil.org> writes:

> We're tracking at as it's currently assigned by MITRE and it's their usual
> practice to split out secondary angles to a separate CVE ID. As such, you
> should rather reach out to them via https://cveform.mitre.org and request
> a separate ID for the part that affects 1.2.x as well.

Request submitted. I hope...
-- 
Brian May <bam@debian.org>

Reply to:

References:
- libvirt / CVE-2019-3886
  - From: Brian May <brian@linuxpenguins.xyz>
- Re: libvirt / CVE-2019-3886
  - From: Guido Günther <agx@sigxcpu.org>
- Re: libvirt / CVE-2019-3886
  - From: Brian May <bam@debian.org>
- Re: libvirt / CVE-2019-3886
  - From: Moritz Mühlenhoff <jmm@inutil.org>

Prev by Date: jinja2 update for CVE-2019-10906/CVE-2016-10745
Next by Date: (semi-)automatic unclaim of packages with more than 2 weeks of inactivity
Previous by thread: Re: libvirt / CVE-2019-3886
Next by thread: Re: libvirt / CVE-2019-3886
Index(es):
- Date
- Thread