Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 5 Jun 2013 17:02:09 +0300
From: Henri Salo <henri@...v.fi>
To: oss-security@...ts.openwall.com
Cc: security@...mla.org
Subject: Joomla URL change

Hello list,

For some reason most (or all) developer.joomla.org security advisory links are
now 404. Even their own advisories have broken links. Example:

http://vel.joomla.org/jsn/12-20120308-core-xss-vulnerability.html points to
http://developer.joomla.org/security/news/399-20120308-core-xss-vulnerability.html

This is a problem because not all of the advisories contain CVE identifiers
and now vulnerability databases are refering to old addresses. For example
CVE-list refers to developer.joomla.org 64 times and OSVDB 100 times.

Address http://developer.joomla.org/security.html still exists and for example
http://developer.joomla.org/security/82-20130402-core-information-disclosure.html
works. Also http://docs.joomla.org/Security points to
http://forum.joomla.org/viewforum.php?f=372 which is labeled "Security
Announcements - Old"

Joomla: is this going to stay like this? Is there easy way to change the URLs?

---
Henri Salo

Download attachment "signature.asc" of type "application/pgp-signature" (199 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.