Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 10 May 2012 20:27:19 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: Greg Knaddison <greg.knaddison@...uia.com>, security@...pal.org
Subject: Re: CVE Request for Drupal contributed modules - 2012-05-10

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 05/10/2012 01:38 PM, Greg Knaddison wrote:
> Hello,
> 
> This is a CVE request for the following contributed module issues:
> 
> http://drupal.org/node/1569482 SA-CONTRIB-2012-073 - Glossary - 
> Cross-Site Scripting (XSS) http://drupal.org/node/1569508
> SA-CONTRIB-2012-074 - Contact Forms - Access Bypass 
> http://drupal.org/node/1569512 SA-CONTRIB-2012-075 - Take Control
> - Cross Site Request Forgery (CSRF)

CVE-2012-2339 Drupal SA-CONTRIB-2012-073
CVE-2012-2340 Drupal SA-CONTRIB-2012-074
CVE-2012-2341 Drupal SA-CONTRIB-2012-075

> Thanks, Greg
> 
> -- Director Security Services | +1-720-310-5623 Skype:
> greg.knaddison | http://twitter.com/greggles | http://acquia.com


- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJPrHkHAAoJEBYNRVNeJnmTzWEP/00M8Jt6WhgoVqbGOvXRwEMk
J9evRtLfbdEo4qUthunCv/dqjdDx1b33IVxupIgKPWXYUqIUmaPmmX8mEPcMLwlD
UcX9AhYv0JiCTH/Kd2MGoiq8mUi7vQVe6qRt9po2h3hxOHdLAEWzWHz89GkYZjsC
rpz9RoPBh2D/ZBbc2sDPlYQRwokNGbJ4T9CuHV4Z3BP/8n4v4oBvru0G3kfpjcDx
BRKe93ny7r1Ja4BS6e1Vue7HWCDJ205N6xmy089dji5Ow5MLczPqokWqaaLBdhcE
+3bCHqfoq66xZdtEaoom3Fu6hGiIjlvVwZrdYhJCbNQRyckkVI1Dy1pH3ued8KuY
sjz4wy7/mXIfmDg8E+1QkD6q0A0gQB36SOqKF6m5gUWXhPLbVcmr8mckidtafbcY
5V53yERKuSz2PLUHenjGz0N4GHaaevbgWZ50Bf9+mjLSQWg1+svQnjk+AE5p7wt1
sAUl6cLjLeaPpW3uiFOI0IrN5uEeFLGexMkEtNKUgpl/ERBK1lKU4qTF7dIYeCg1
Mw+U1C2H2SQ1CBGvHoUNMQanyC2djbUCFGUNKB1flqwHoFo6fWSxNUuCNB913UFI
C807stda+R7Oga4QEMt7iBZQm/uDuxL//SMKz2gfQKMPmGEo3xX5wjCHqVrMQZSi
m4A/fPWUGqRXh/x3qXo3
=y6b9
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ