PGP key for vulnerability reports
rjohnson at sourcefire.com
Thu Jan 23 18:37:47 EST 2014
Looks gear from my side, thanks guys
On Thursday, January 23, 2014, Mark Doliner <mark at kingant.net> wrote:
> > On Thu, 23 Jan 2014 10:15:56 +0100 Tomas Hoger wrote:
> >> > I believe it should ideally be:
> >> > CVE-2013-6486 - Yves Younan of Sourcefire VRT
> >> > CVE-2013-6487 - Yves Younan, Ryan Pentney, and Pawel Janic of
> >> > Sourcefire VRT
> >> Ah, I see there is more detail for these now than were available
> >> before.
> Ah, you're right, I failed to include that information in my original
> request. Sorry!
> > We reviewed this taking into an account the new info provided and
> > decided to split the assignment as follows:
> > CVE-2013-6487
> > Buffer overflow in Gadu-Gadu HTTP parsing.
> > CVE-2013-6489
> > Buffer overflow in MXit emoticon parsing.
> > CVE-2013-6490
> > Buffer overflow in SIMPLE header parsing.
> > Sorry for the mess this caused, hope it's still enough time to release
> > to avoid having it too messy once it's public.
> I think it won't be too bad. Thanks!
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the security