Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 15 Jan 2016 10:26:31 +0000
From: Mike Gabriel <>
Subject: Security issues in GOsa


GOsa is a framework written in PHP for LDAP-based management of  
intranet infrastructures.

As part of upstream (I joined the team recently) I would like to make  
you aware of (at least) two security issues +/- recently discovered:

(1) Possibility of code injection when setting passwords for Samba.  
Solved upstream:

(2) XSS vulnerability during session log on. Solved upstream:

Please assign individual CVE Ids for both issues, if appropriate.


mike gabriel, herweg 7, 24357 fleckeby
fon: +49 (1520) 1976 148

GnuPG Key ID 0x25771B31


Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ