| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ae05b895-1a33-3736-6487-e3d4df637d4c@easydns.com> Date: Sat, 26 Dec 2020 13:59:08 -0500 From: "Mark E. Jeftovic" <markjr@...ydns.com> To: Jason Geffner <geffner@...il.com>, Reed Loden <reed@...dloden.com> Cc: fulldisclosure@...lists.org Subject: Re: [FD] CVE-2020-8150 – Remote Code Execution as SYSTEM/root via Backblaze Is there a transposition typo in the Mac OSX version number? *Fixed Version:* |7.0.1.433| (Windows) and |7.1.0.434| (macOS) My OSX Backblaze is reporting 7.0.2.470 as most recent version On 2020-12-24 1:27 PM, Jason Geffner wrote: > Thanks, Reed. I've updated the GitHub repository name to reflect this > change. The detailed write-up can now be found at > https://github.com/geffner/CVE-2020-8289/blob/master/README.md. > > On Tue, Dec 22, 2020 at 3:56 AM Reed Loden <reed@...dloden.com> wrote: > >> Due to a process fail, this CVE ID was accidentally reused for another >> vulnerability. >> >> The updated CVE ID for this issue is CVE-2020-8289. >> >> We apologize to Jason and others for the inconvenience caused by this >> error. >> >> Happy holidays, >> ~reed >> (for HackerOne) >> > _______________________________________________ > Sent through the Full Disclosure mailing list > https://nmap.org/mailman/listinfo/fulldisclosure > Web Archives & RSS: http://seclists.org/fulldisclosure/ -- Mark E. Jeftovic <markjr@...ydns.com> Co-founder & CEO, easyDNS Technologies Inc. AxisOfEasy.com <https://AxisOfEasy.com> - /For full coverage of a world gone full cyberpunk.../ _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists