[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE Request: JIRA Issues
From: Josh Bressers <bressers () redhat ! com>
Date: 2010-04-16 15:01:05
Message-ID: 1046246154.1020891271430065619.JavaMail.root () zmail01 ! collab ! prod ! int ! phx2 ! redhat ! com
[Download RAW message or body]
----- "Eren Türkay" <eren@pardus.org.tr> wrote:
> Hello,
>
> As you probably know, Apache.org services were taken down due to the XSS
> and privilege escalation flaws in JIRA. Atlassian patched the issues, and
> released an advisory.
>
> Bug entires:
>
> XSS Vulnerability: http://jira.atlassian.com/browse/JRA-20994
> Privilege escalation: http://jira.atlassian.com/browse/JRA-20995
>
> JIRA Advisory:
> http://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2010-04-16
>
Here you go:
CVE-2010-1164 JIRA XSS Vulnerability (JRA-20994)
CVE-2010-1165 JIRA Privilege escalation (JRA-20995)
Thanks
--
JB
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic