Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date:  Thu, 21 Jan 2010 11:49:05 -0600
From:  Raphael Geissert <geissert@...ian.org>
To: oss-security@...ts.openwall.com
Subject:  CVE request: MoinMoin information disclosure

Hi,

There's not much information about this issue, but there appears to be an 
information disclosure vulnerability in MoinMoin related to the handling of 
sys.argv.

References:
http://secunia.com/advisories/38242/
http://moinmo.in/SecurityFixes
http://hg.moinmo.in/moin/1.9/rev/9d8e7ce3c3a2
http://hg.moinmo.in/moin/1.9/rev/04afdde50094
http://moinmo.in/MoinMoinChat/Logs/moin-dev/2010-01-18 (line 70 and below)

Could a CVE please be assigned? Thanks.

Regards,
-- 
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.