'Re: [oss-security] CVE-2010-4225: XSP/mod_mono source code disclosure'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE-2010-4225: XSP/mod_mono source code disclosure
From:       Vincent Danen <vdanen () redhat ! com>
Date:       2011-01-20 17:52:18
Message-ID: 20110120175218.GU2115 () redhat ! com
[Download RAW message or body]

* [2011-01-20 18:22:03 +0100] Oden Eriksson wrote:

>fredag 07 januari 2011 10:36:00 skrev  Thomas Biege:
>> Hello,
>>
>> our Mono team released a security update to fix a source-code disclosure
>> bug.
>>
>> http://www.mono-project.com/Vulnerabilities
>> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4225
>>
>> Cheers,
>> Thomas
>
>Where's the fix for this?

It's fixed in mod_mono 2.8.2.  I have no idea where a patch can be found
(in their git repo somewhere probably).

-- 
Vincent Danen / Red Hat Security Response Team 
[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic