'Re: [oss-security] CVE Request -- Drupal v6.16 / v5.22'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE Request -- Drupal v6.16 / v5.22
From:       Josh Bressers <bressers () redhat ! com>
Date:       2010-06-28 20:37:38
Message-ID: 1933458419.1381551277757458425.JavaMail.root () zmail01 ! collab ! prod ! int ! phx2 ! redhat ! com
[Download RAW message or body]

As best as I can tell, none of these have CVE ids. (sorry for missing these)

Here goes.

----- "Henri Salo" <henri@nerv.fi> wrote:

> On Mon, 08 Mar 2010 20:36:55 +0100
> Jan Lieskovsky <jlieskov@redhat.com> wrote:
> 
> > Hi Steve, vendors,
> > 
> >    multiple security issues have been addressed within
> > SA-CORE-2010-001:
> > 
> > * Installation cross site scripting

CVE-2010-2250

> > * Open redirection

CVE-2010-2471

> > * Locale module cross site scripting

CVE-2010-2472

> > * Blocked user session regeneration

CVE-2010-2473

> > References:
> >    [1] http://drupal.org/node/731710
> >    [2]
> > http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036472.html

> > [3]
> > http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036619.html

> > [4]
> > http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036583.html

> > 
> > Could you allocate CVE ids for these?
> > 
> 
> Did this get CVE-identifiers?
> 

Thanks.

-- 
    JB
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic