Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 6 Feb 2009 14:09:33 +0100
From: Hanno Böck <>
Cc: Steven Christey <>
Subject: CVE request: phpbb < 3.0.4

From release notes:

"This release fixes some bugs introduced with the changes in 3.0.3, corrects 
minor issues, fixes two security bugs and also increases performance 

"# [Sec] Fixed an issue where deactivated accounts could be re-activated 
without the required privileges. (Reported by Jorick)
# [Sec] Ask for forum password if post within passworded forum quoted in 
private message. (Reported by nickvergessen)"

Hanno Böck		Blog:
GPG: 3DBD3B20		Jabber/Mail:

[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ