[ntp:security] Duplicate CVE: CVE-2015-7703

Martin Prpic mprpic at redhat.com
Fri Oct 23 11:31:21 UTC 2015


Hi!

I noticed that in your security notice page you announced this issue:

 Bug 2902: CVE-2015-7703 configuration directives "pidfile" and
 "driftfile" should only be allowed locally. (RedHat) 

This was however already assigned CVE-2015-5196 by Red Hat when we first
discovered the issue. I went ahead and requested a rejection of the 7703
CVE here:

http://seclists.org/oss-sec/2015/q4/137

When it gets rejected, please update your file with the correct CVE ID.

Thank you!

-- 
Martin Prpič / Red Hat Product Security


More information about the security mailing list