As announcements went out for the incomplete fix (openstack OSSA-2012-008, Ubuntu USN 1501-1), MITRE will likely want a separate CVE issued for the complete fix, so that users can be assured that vendors have addressed both elements of the issue.
(As an example of how a similar issue was handled with php, see http://www.openwall.com/lists/oss-security/2012/05/09/6 ; specifically the handling of CVE-2012-2311 and CVE-2012-NEW-2, which later in the email thread was assigned as CVE-2012-2336.)
As announcements went out for the incomplete fix (openstack OSSA-2012-008, Ubuntu USN 1501-1), MITRE will likely want a separate CVE issued for the complete fix, so that users can be assured that vendors have addressed both elements of the issue.
(As an example of how a similar issue was handled with php, see http:// www.openwall. com/lists/ oss-security/ 2012/05/ 09/6 ; specifically the handling of CVE-2012-2311 and CVE-2012-NEW-2, which later in the email thread was assigned as CVE-2012-2336.)