Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun,  1 Mar 2015 23:09:32 -0500 (EST)
From: cve-assign@...re.org
To: sebastian@...ping.org
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE request: DokuWiki privilege escalation in RPC API

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> Security Hotfix 2014-09-29c: fixes privilege escalation in RPC API
> 
> https://www.dokuwiki.org/changes
> https://github.com/splitbrain/dokuwiki/issues/1056
> https://github.com/splitbrain/dokuwiki/commit/4970ad24ce49ec76a0ee67bca7594f918ced2f5f

Use CVE-2015-2172.

> DokuWiki maintenance release 2014-09-29c (of 2015-02-25)

We agree that 2014-09-29c does not mean that the release had been
announced during 2014. For example, see:

  http://web.archive.org/web/20150121213236/http://www.dokuwiki.org/changes

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJU8+IVAAoJEKllVAevmvmsFM8IAJbf12dtIQbfeDg42RD/KRJu
WfOsO36OBI226TJP10XNX4xXOfz1mzK/0XH1VvlzOZp5Bwd+x4QEEKC5q0Fq0TJI
+XmD4PrKHRBiLYVErsEf4jxxXUrQv044bFXPtg/2U0G3wEqCYy/s7maVf+1xRF+t
hgtI4KdVl02RHku6V2+cK7Lr/qgfnXO5mFbizyDNAWag3EVDycOs1wFer0yBrUhu
MZlsW5W6DrhfcRuxg4XEy7blTvG/7a7SpHTgIAo+6u3lER1xxgUEepllJpltm0mi
U1GyIE5v2cZvKdVwVXEssVzOBVlF52BNjY/Ooz+SaE7AGoLfXqnySxB+P4hktdw=
=ihN0
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ