[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE request: HTML Purifier
From: Josh Bressers <bressers () redhat ! com>
Date: 2010-06-30 19:26:30
Message-ID: 1408947388.1643541277925990594.JavaMail.root () zmail01 ! collab ! prod ! int ! phx2 ! redhat ! com
[Download RAW message or body]
Please use CVE-2010-2479
Thanks.
--
JB
----- "Raphael Geissert" <geissert@debian.org> wrote:
> Hi,
>
> HTML Purifier 4.1.1 fixes an IE-specific XSS vulnerability.
>
> Upstream announcement:
> http://htmlpurifier.org/news/2010/0531-4.1.1-released
>
> Fix:
> http://repo.or.cz/w/htmlpurifier.git/commit/d3abcb90e30592c619047d878cf9c72b7c5836a3
>
> This one is required for the fix to apply (the change is overwritten
> by the
> fix):
> http://repo.or.cz/w/htmlpurifier.git/commit/da94d3d6acdf417ac890426eb1fd239ba62b042d
>
> Could a CVE id be assigned?
>
> Thanks in advance.
>
> Regards,
> --
> Raphael Geissert - Debian Developer
> www.debian.org - get.debian.net
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic