Yep, no problem.
On Thu, 30 Aug 2012, Steve Huston wrote:
Justin,
Could this note be added to the 0.18 release notes for the C++ broker?
-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of Mark J Cox
Sent: Thursday, August 30, 2012 5:28 AM
To: Steve Huston
Cc: [email protected]; [email protected]
Subject: Re: QPID-3849
If you are in agreement it's a security vulnerability It would definitely be
worth stating that you fixed this in the 0.18 release.
Usually when you announce 0.18 you'd mention the CVE at that time.
Use CVE-2012-3550
Thanks, Mark
On Fri, Jul 27, 2012 at 2:21 PM, Steve Huston <[email protected]> wrote:
Hi Mark,
Thank you for contacting us. The bug was resolved and will be included
in the 0.18 release which is in progress now.
Should we issue a CVE for prior versions? What's the process for that?
-Steve Huston
On 7/27/12 5:07 AM, "Mark J Cox" <[email protected]> wrote:
Hi QPID folks; one of my team pointed me to
https://issues.apache.org/jira/browse/QPID-3849 which appears to be a
security issue. Are you dealing with it as a security issue and going
to provide a security update/advisory? I can give you a CVE name for
this issue if so, just let me know.
Cheers, Mark
ASF Security Team
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected] For additional
commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
