Date: Wed, 12 Jan 2011 22:48:06 -0600 From: Raphael Geissert <geissert@...ian.org> To: oss-security@...ts.openwall.com Subject: CVE requests: ftpls, xdigger, lbreakout2, calibre, typo3 Hi, Could CVE ids be assigned for the following issues? Thanks in advance. ftpls: XSS in directory listing http://bugs.debian.org/607494 xdigger: buffer overflow when parsing CLI arguments (it is SGID, at least in Debian) http://bugs.debian.org/609096 lbreakout2: buffer overflow with overly long HOME env var (it is SGID, at least in Debian) http://bugs.debian.org/608980 calibre: XSS and file disclosure http://www.waraxe.us/advisory-77.html http://bugs.debian.org/608822 typo3: 8 vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-022/ http://seclists.org/fulldisclosure/2010/Dec/690 http://bugs.debian.org/607286 There are more issues without ids, will request them later. Regards, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ