Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 27 Jun 2012 01:12:12 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: Nicolas Grégoire <nicolas.gregoire@...rri.fr>
Subject: Re: XXE in Zend

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 06/26/2012 06:12 AM, Nicolas Grégoire wrote:
> Hello,
> 
> this Zend XXE vulnerability was published without a CVE: 
> http://framework.zend.com/security/advisory/ZF2012-01
> 
> Regards, Nicolas
> 

Please use CVE-2012-3363 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJP6rJMAAoJEBYNRVNeJnmTjT8P/0xt69iPnvQzTzBXqkIkrfK1
al1wlJLH5mXL9ajQ90uuGSrR3/8dzcwcE4/jmYn5f4yAt1dBSYFppSFQfBHl2XXb
f527RFzHtNr8corGRJW4doqbOqHnNADpvIh/uVBcVL8p4NONlnBhho9N9ymH/YF3
zF1Rg4DlbiIdSL60jd0Ws3aZp+kdX6vU6tVsWyyT2ML6M4YRJ1YDgp2iz/vd/US7
CKgAjdZ6Zs98CYCFTFjm+SsHCoSp5QkyZF7CIrrnRJzVRn5g9Bwdc85S7fwW3zuq
ahfuReWXEwUCP4QUm2GKUotclZrwQ78RjvVGNB5CHPYEMZcA8eDGIE79intoY1Vf
z652Ltx79N0wTFfV1hFh5/JM7EwKXPVHdHv+GCIP/9vGQioH7FEEByOmye1kzW4o
AeIM345Wo5H8D0/hHVggvkUvWrOSbo/zWIEF4/ji6+Fm3hqVEfWQJ0+QnvvP1RRR
7JQVGY4hw9vP6UMI26C+1T2Mo+S2iXzQL3Xj1SxUKcbwvq7ZnV0Bc3qbVTibgKku
TPNKiJDgpsER4GCe4+f8+LX37JctQJaG8KAnIMEwvwCSBIkkpH+F0SQczVF+paUx
vMaFiyu6mRyCsO7AjKFnJQf3e1NHCihCvqZpxg4AyQLBCgThjrL1RLAHaut6VUmH
XING7OYKU3X2rTm24AZU
=YFqh
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ