develooper Front page | perl.perl5.porters | Postings from December 2012

Re: security notice: Locale::Maketext: CVE?

Thread Previous
From:
brian m. carlson
Date:
December 9, 2012 23:06
Subject:
Re: security notice: Locale::Maketext: CVE?
Message ID:
20121209014957.GA108942@vauxhall.crustytoothpaste.net
On Sun, Dec 09, 2012 at 01:43:25AM +0100, Leon Timmermans wrote:
> On Sun, Dec 9, 2012 at 1:12 AM, Dominic Hargreaves <dom@earth.li> wrote:
> > Thanks for this. Has a CVE been assigned to this vulnerability yet,
> > and if so, what's the best way to do so?
> >
> > Thanks,
> > Dominic.
> 
> AFAIK CPanel has had contact with CERT, but I haven't seen a CVE
> either. Brian, can you enlighten us?

I contacted them once, but I got absolutely no response.  I haven't
requested or seen a CVE allocated for the Locale::Maketext
vulnerability.  If the Perl Security Team is able to allocate one, feel
free; if not, I can see if the Debian Security Team can allocate one.  I
know they have done this for other projects in the past.  To the best of
my knowledge, cPanel has no way to allocate CVEs ourselves.

-- 
brian m. carlson / brian with sandals: Houston, Texas, US
+1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187

Thread Previous


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About