Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 07 Feb 2013 23:16:03 -0700
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: Hanno Böck <hanno@...eck.de>
Subject: Re: CVE request: XSS in roundcube before 0.8.5

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 02/07/2013 10:50 AM, Hanno B￶ck wrote:
> Release notes: 
> http://sourceforge.net/news/?group_id=139281&id=310213
> 
> Corresponding bug: http://trac.roundcube.net/ticket/1488850
> 
> Commit: 
> https://github.com/roundcube/roundcubemail/commit/74cd0a9b62f11bc07c5a1d3ba0098b54883eb0ba
>
>  Please assign CVE.
> 

Please use CVE-2012-6121 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iQIcBAEBAgAGBQJRFJgjAAoJEBYNRVNeJnmTjggP/3G1qmOK4YgR/fbb7woNwfyl
dMhGYcPcPOIte7onPjYGO1L79ui0xKezPi8/bwdd8EIe30/EkpPzUGulRp0/T5nL
ptQ1CKM0Ra58zg/gY4iGnRPAxDFGjZpRIaKfY3o490rk07QQqfTApQjmUYRJWRe4
ugQGmoWPj9SMIiDzlk+2WnMSqOk4Rb472neXExjdb24ufrSwo2ZraRNkhkhgBneM
XufOPPCyfwjzuGIoK/nSVeJKioprtAlvXpaoCGG3mJ3iP+bLcLSbBQOKe/6V/d7F
14u1jhfNEMcJw2j4uyQmPu5R9j2wFfPp2CYfJdDDoWNaSXyTb3IpoNRvuVtELJ9G
jluPdkP1Bk68TFPBt/YzVLVfmv1Rcp7h/Ik8XU7WIiOr6pLrx5Bmo4ADyy7D2Fq3
d0hk/iINhbB1AOnsg4PJPgI871TWa7yM3e+23UZgb+jQQD88iULvDmV6hpKFOWwc
OvJeXTq91rZccMwXUQ4baBqCufgu7cDQeCT0qDXWEJFlAMgz69P8Zn1eTYfhPnFs
lKLbVcHYRySaPBdpsJ1VBXWuk/wyOXWrq0NjxPluaVzu9SvU6spumg/B0UYl+/P1
SnYdnLFa/BBPiMpZBK0gUA8Aap8oe3Hf+dKeqY8t6eeU9ARWLZRAoP/xuGQL7jzR
ISag3l/Pl0vxM2xnM2jS
=OpIt
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ