Hi, On Thu, Aug 27, 2015 at 05:56:56PM +0200, gregor herrmann wrote: > On Fri, 06 Feb 2015 17:04:40 +0100, Salvatore Bonaccorso wrote: > > > the following vulnerability was published for libmp3-info-perl. > > > > CVE-2013-6499[0]: > > loading a module relative to the cwd > > > > If you fix the vulnerability please also make sure to include the > > CVE (Common Vulnerabilities & Exposures) id in your changelog entry. > > > > For further information see: > > > > [0] https://security-tracker.debian.org/tracker/CVE-2013-6499 > > [1] https://bugzilla.redhat.com/show_bug.cgi?id=1018805 > > FWIW, the bug is closed in Red Hat Bugzilla mentioned above as > "bogus".
The assigning CNA for this CVE did in meanwhile reject the CVE. I'm marking this as wontfix and closing the issue (as very unlikely the underlying bug will be fixed). Regards, Salvatore
