[ntp:security] Duplicate CVE: CVE-2015-7703

Martin Prpic mprpic at redhat.com
Fri Oct 23 11:31:21 UTC 2015


I noticed that in your security notice page you announced this issue:

 Bug 2902: CVE-2015-7703 configuration directives "pidfile" and
 "driftfile" should only be allowed locally. (RedHat) 

This was however already assigned CVE-2015-5196 by Red Hat when we first
discovered the issue. I went ahead and requested a rejection of the 7703
CVE here:


When it gets rejected, please update your file with the correct CVE ID.

Thank you!

Martin Prpič / Red Hat Product Security

More information about the security mailing list