Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 6 Feb 2009 14:09:33 +0100
From: Hanno Böck <hanno@...eck.de>
To: oss-security@...ts.openwall.com
Cc: Steven Christey <coley@...us.mitre.org>
Subject: CVE request: phpbb < 3.0.4

From release notes:

"This release fixes some bugs introduced with the changes in 3.0.3, corrects 
minor issues, fixes two security bugs and also increases performance 
significantly."

"# [Sec] Fixed an issue where deactivated accounts could be re-activated 
without the required privileges. (Reported by Jorick)
# [Sec] Ask for forum password if post within passworded forum quoted in 
private message. (Reported by nickvergessen)"

-- 
Hanno Böck		Blog:		http://www.hboeck.de/
GPG: 3DBD3B20		Jabber/Mail:	hanno@...eck.de

[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ