Date: Mon, 03 May 2010 01:24:37 -0500 From: Raphael Geissert <geissert@...ian.org> To: oss-security@...ts.openwall.com Subject: CVE request: lxr Hi, While working on an update for lxr the following commit by upstream that fixes an XSS vulnerability in the search page was found: > Fix XSS exploit in title string http://lxr.cvs.sourceforge.net/viewvc/lxr/lxr/lib/LXR/Common.pm?r1=1.63&r2=1.64 It does not seem to be covered by CVE-2009-4497. Please assign an id. Thanks in advance. Kind regards, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ