Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 10 Oct 2012 15:20:59 -0600
From: Vincent Danen <>
Subject: CVE request: libsocialweb untrusted connection to flickr

A similar request was made last year for libsocialweb connecting to
Twitter, and it seems to be doing the same to Flickr now (probably has
been all this time).

Same situation: opens an HTTP (non-SSL) connection to Flickr when no
Flickr account is configured, and without the user's permission or

Could a CVE be assigned to this (or has one been assigned already)?

Request for the Twitter issue is here (for reference):

and the Red Hat bug:


Vincent Danen / Red Hat Security Response Team 

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ