Hi Perry, On Sat, Jul 19, 2014 at 01:38:07PM -0400, Perry E. Metzger wrote: > On Sat, 19 Jul 2014 06:09:48 +0200 Salvatore Bonaccorso > <car...@debian.org> wrote: > > A CVE was assigned now for this issue (CVE-2014-5015). Plese > > reference this CVE ID in the changelog when fixing this issue. > > I'm afraid that CVE is "SQL injection vulnerability in the management > console in Symantec Endpoint Protection Manager" and does not > reference bozohttpd. Perhaps you are thinking of another CVE?
It was assigned on oss-security mailing list by MITRE: https://marc.info/?l=oss-security&m=140572157701095&w=2 I think CVE-2013-5015 is "SQL injection vulnerability in the management console in Symantec Endpoint Protection Manager" Hope this clarifies, Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org