Date: Fri, 6 Feb 2009 14:09:33 +0100 From: Hanno Böck <hanno@...eck.de> To: oss-security@...ts.openwall.com Cc: Steven Christey <coley@...us.mitre.org> Subject: CVE request: phpbb < 3.0.4 From release notes: "This release fixes some bugs introduced with the changes in 3.0.3, corrects minor issues, fixes two security bugs and also increases performance significantly." "# [Sec] Fixed an issue where deactivated accounts could be re-activated without the required privileges. (Reported by Jorick) # [Sec] Ask for forum password if post within passworded forum quoted in private message. (Reported by nickvergessen)" -- Hanno Böck Blog: http://www.hboeck.de/ GPG: 3DBD3B20 Jabber/Mail: hanno@...eck.de Download attachment "signature.asc " of type "application/pgp-signature" (198 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ