Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sat, 8 Mar 2014 22:19:52 -0500 (EST)
From: cve-assign@...re.org
To: hanno@...eck.de
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE request: SQL injection in MODX Revolution before 2.2.13

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> I'd like to have a CVE for the following issue:
> http://forums.modx.com/thread/89486/modx-revolution-2-x-sql-injection#dis-post-492046
> 
> Release notes for fixed version:
> http://modx.com/blog/2014/03/07/revolution-2.2.13/
> 
> I tried to find the corresponding git commit, but I was not successful.
> It may be this one:
> https://github.com/modxcms/revolution/commit/11a913feda16c99703dbf4d27328af888e698c5c
> but I'm not sure.

Use CVE-2014-2311.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJTG9psAAoJEKllVAevmvmsip8IAIjjHx9tQpXp6E2GO74G3Y72
OVr9s8rmQw6kL5ybsnQhpz0FJ+J70UrvkKrPBuWpR9WFnizLqjPD2mclRTWZq4Sh
0KaaZeGOWS3/xxtgNKnettHnnwgZ4FYmgmgEio4kqP0ARGjm93JNT1DhjtJmHJi7
s0FNrFfOJI8a8PCM4/dEAYEMD/l1bT/OV9D1pzvWOfeSbeZ9TIRId7Nw6c9jnF+I
S6JfZJg38O/RaKlCdVwZEE6IncsYi8EIUHBWmIHkgcZizRywLCfs7PIrBLXgU/5l
/xofamwjQrX5oW2i9rPc9Ibg8p3Iz6v2VMXXfslV6MUB+fXzFEdGi55BbqqxukI=
=1GJK
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ