Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 22 Oct 2013 20:04:49 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE Request: Simple Machines Forum (SMF) Remote
 file inclusion vulnerability

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 10/22/2013 01:40 PM, Kevin Pawloski wrote:
> https://github.com/SimpleMachines/SMF2.1/issues/701
> 
> Affects 2.0.X and 2.1.X.
> 
> Could a CVE please be assigned to this issue?
> 
> Thank you.
> 
> ------------------------------ Kevin Pawloski Lead Information
> Security Engineer www.demandmedia.com 310.319.6810 pgp DD26 4747
> 6091 7F0A C30F F985 D3FF 0C70 4780 1669 
> ------------------------------
> 
> 
> 
> Please NOTE: This electronic message, including any attachments,
> may include privileged, confidential and/or inside information
> owned by Demand Media, Inc. Any distribution or use of this
> communication by anyone other than the intended recipient(s) is
> strictly prohibited and may be unlawful.  If you are not the
> intended recipient, please notify the sender by replying to this
> message and then delete it from your system. Thank you.

I am not sure if I'm the intended recipient of this email (it's not
addressed to me) so you'll have to remove this footer from your email
if you want a CVE from me.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)

iQIcBAEBAgAGBQJSZy7AAAoJEBYNRVNeJnmTYzEP/0bnG/zflvln1A6hDhsEuz9Z
uSghjQtGIU0ZmeNPgoC+qnv2ZFkbveeH+KOFTM5K6ZzVlLDXkDy/VxBRqFuX8JyM
bdog4ATIidkHxyqkQa93YC69yLjQn/XbiIi6F+EDO8p9HiCn/s01xP+VOxIBwAhK
fx5EV1EEuru2nbkQdzSO8SOgOVbOM0arCotKXyTqFbUP5rsaP8t+TQUo+1HoQ4yZ
+nzldoo8AfdscBOkkIuFN8wMzoxBcQlfwHBzOcVEDiq5CW6lZm8OWtOdLIJyJ7YH
pxnWhgaFyEv3Ui0qAChfaiagkTWNeTbZDNJJT0OZVQmXMgBQxvhrL8oOgyvhXE53
f8DnR6OWAfTonp5KcIVhLon5sqnrZt5mZXYF6IaCihykkxeuUyNzAmblwzlIl0Ug
LBfVOYM++sikGSyvz5B4ujJp0vf/KkVj2FMA/12SH3AmNDYsJV05j760TdAQp9Wk
YJJwgrPSwzp4VCZPnLu+WEHukVFS2zuq7huxPpl/ujsLP/xQoEmtbwnSEJreZBdd
I+ntAIlA1MhgwOi5/wJ44gKHw5qT98WMd1s3whNp1HW5iI/HfuthOPL8+P/xwIK7
K6bTMdW8rc6SrySD66cvDaVgRsUjDOzDUHg73AQwZpl9gNZb7NIQ7Qpd9FRQfYHZ
1a6AGiECukVAK7ksltWK
=3Ok/
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ