Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 13 Jul 2016 10:12:23 +0200
From: Pere Orga <pere@...a.cat>
To: oss-security@...ts.openwall.com
Cc: Drupal Security Team <security@...pal.org>
Subject: CVE requests for Drupal Core - SA-CORE-2016-002

Hi

Please can I have CVE IDs assigned to the following Drupal
vulnerabilities (see https://www.drupal.org/SA-CORE-2016-002):

Saving user accounts can sometimes grant the user all roles (User
module - Drupal 7 - Moderately Critical)
Views can allow unauthorized users to see Statistics information
(Views module - Drupal 8 - Less Critical)

And for the Views contrib module (SA-CONTRIB-2016-036)
https://www.drupal.org/node/2749333

Thanks
Pere Orga on behalf of the Drupal Security team

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ