Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri,  4 Dec 2015 23:37:18 -0500 (EST)
From: cve-assign@...re.org
To: matthias@...lons.info
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE request - redmine: Issues API may disclose changeset messages that are not visible

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> http://www.redmine.org/projects/redmine/wiki/Changelog
> https://www.redmine.org/issues/21136
> http://www.redmine.org/projects/redmine/repository/revisions/14794/diff/trunk/app/views/issues/show.api.rsb?utf8=%E2%9C%93&type=sbs

Use CVE-2015-8473.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJWYmmsAAoJEL54rhJi8gl5fswP/i2j555i4sEqYzN6EAu/a5CC
kvLcHmlmDJNnjQrXrlhxt5ZHzC757BmlSxiOL6KQJFBPWAm6YOH3+RsKcxcBYgiT
dhDdqkmFDKMv28xmidC8PDaI+ZqdSTI8e1sGOj2nk4m9Z/faXWTJWUWsSeVBW4s+
elkdbbmLO6AVrmkxiXqooeEK0xOCE6bUYadC35Jm693LBeDTDmT87z+Pf/n3uV50
+RHQKqJZt+ZGgv6eUo1AJtfc38Jx9cq/AmFclCa+4Os4a9U3l2nXfODzAKUHwxyj
OPG8v1YjDJW+OPzYQeCqZ2/YHHCIxJZIX+/uWdkWOZbXz5HPzrp2HZ/VkDBgSRQY
puAt+30WkoCBdKkxBRWDElbiQuEYlvrnZ+Rh5js1jM+j7jkGC7IgHIRH9F36WzBm
OmXNsKunXkrIdNyC+X7/9z9e8d5ias20R3gFFCe0rV0WyHOYMx0rQWz9o0HH2ATn
Pajx8Ld0i3dGp5yC4ddEwrfQ4c/s90K13GAO3zh4IPU/iXkR9sL7a+cqXTdkItaq
CJ7wfzI5eRXtCvnb+Sn0KZRyYK4VCK179gZ01OEdjPCdXgqUBPeScXN1f6iISbrB
eVVItZLp1VfULcBhO08F0RMfflpzPz4cLfik6xqNXxttfQmVOwcIXpSK+NbJod1r
j0YDlc5j1oq6jqQFU2G/
=gPVa
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ