Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 14 Sep 2010 21:26:20 +0200
From: Pierre Joye <pierre.php@...il.com>
To: oss-security@...ts.openwall.com
Cc: coley <coley@...re.org>
Subject: Re: CVE request: xss in pecl-apc before 3.1.4

thanks, added to the release info.

On Tue, Sep 14, 2010 at 9:18 PM, Josh Bressers <bressers@...hat.com> wrote:
> Please use CVE-2010-3294.
>
> Thanks.
>
> --
>    JB
>
>
> ----- "Hanno Böck" <hanno@...eck.de> wrote:
>
>> http://pecl.php.net/package-changelog.php?package=APC&release=3.1.4
>>
>> - Fixed potential XSS in apc.php (Pierre, Matt Chapman)
>>
>> This is a minor issue as this usually doesn't get installed and should
>> only be
>> used for debugging-purposes, but still, deserves a CVE.
>>
>> --
>> Hanno Böck            Blog:           http://www.hboeck.de/
>> GPG: 3DBD3B20         Jabber/Mail:    hanno@...eck.de
>>
>> http://schokokeks.org - professional webhosting
>



-- 
Pierre

@pierrejoye | http://blog.thepimp.net | http://www.libgd.org

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ