Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Wed, 8 Jun 2011 16:28:18 -0400 (EDT)
From: Josh Bressers <bressers@...hat.com>
To: oss-security@...ts.openwall.com
Cc: "Steven M. Christey" <coley@...us.mitre.org>
Subject: Re: CVE Request -- Coppermine Photo Gallery --
 cpg1.4.27 / cpg1.5.12 -- XSS flaw



----- Original Message -----
> Hello, Josh, Steve, vendors,
> 
> Coppermine Photo Gallery upstream in the past addressed one XSS flaw
> in cpg1.4.27 / cpg1.5.12 versions. Further details:
> [1] http://bugs.gentoo.org/show_bug.cgi?id=347287
> [2]
> http://forum.coppermine-gallery.net/index.php/topic,65023.msg322935.html#msg322935
> [3] http://forum.coppermine-gallery.net/index.php/topic,69495.0.html
> [4] http://sourceforge.net/news/?group_id=89658
> 
> There doesn't seem to be a CVE id for this issue yet (or at least I
> couldn't find one).
> 
> Note: Should be CVE-2010-XXYY CVE id.
> 
> Could you allocate one?
> 

Please use CVE-2010-4667.

Thanks.

-- 
    JB

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.