cordova-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Cox <...@apache.org>
Subject Re: [oss-security] CVE-2015-5257 - Weak Randomization of BridgeSecret for Apache Cordova Android
Date Mon, 23 Nov 2015 08:17:58 GMT
Unfortunately Red Hat made a mistake with the kernel issue which was
actually a typo (last two digit transposition).  Mitre have chosen to
keep the CVE for the kernel issue as CVE-2015-5257 because it is more
widely used.

They have allocated CVE-2015-8320 for the Cordova issue.  Please
update the CVE name where you are able to this new name.  Mitre will
add a note to the CVE name CVE-2015-5257 in their database mentioning
Cordova and the new ID as a redirection.

Many apologies for the inconvenience.

Mark

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
For additional commands, e-mail: dev-help@cordova.apache.org


Mime
View raw message