ode-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sathwik B P <sathwik...@gmail.com>
Subject CVE-2018-1316 used to cover issue incorrectly used CVE-2008-2370 for ODE 1.3.3
Date Sun, 04 Mar 2018 06:56:45 GMT

In 2009 we released an advisory for ODE 1.3.3 which mentioned it fixed
a security issues with CVE name CVE-2008-2370:


However we noticed this name was used by mistake: CVE-2008-2370 is for
an unrelated security issue in Tomcat.

As suggested by Mitre, we've therefore assigned the name CVE-2018-1316
to cover this issue fixed in ODE 1.3.3.

Apache ODE Team.

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message