Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 16 Apr 2010 15:47:24 +0300
From: Eren Türkay <eren@...dus.org.tr>
To: oss-security@...ts.openwall.com
Subject: CVE Request: JIRA Issues

Hello,

As you probably know, Apache.org services were taken down due to the XSS and 
privilege escalation flaws in JIRA. Atlassian patched the issues, and released 
an advisory.

Bug entires:

XSS Vulnerability: http://jira.atlassian.com/browse/JRA-20994
Privilege escalation: http://jira.atlassian.com/browse/JRA-20995

JIRA Advisory: 
http://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2010-04-16

Could anyone assign CVE IDs for these issues?

Thanks,
-- 
Eren

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ