On Sun, Dec 09, 2012 at 01:43:25AM +0100, Leon Timmermans wrote:
> On Sun, Dec 9, 2012 at 1:12 AM, Dominic Hargreaves <d...@earth.li> wrote:> > Thanks for this. Has a CVE been assigned to this vulnerability yet,> > and if so, what's the best way to do so?> >> > Thanks,> > Dominic.> > AFAIK CPanel has had contact with CERT, but I haven't seen a CVE> either. Brian, can you enlighten us?
I contacted them once, but I got absolutely no response. I haven't
requested or seen a CVE allocated for the Locale::Maketext
vulnerability. If the Perl Security Team is able to allocate one, feel
free; if not, I can see if the Debian Security Team can allocate one. I
know they have done this for other projects in the past. To the best of
my knowledge, cPanel has no way to allocate CVEs ourselves.
--
brian m. carlson / brian with sandals: Houston, Texas, US
+1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187