Date: Wed, 14 Sep 2016 09:09:18 +0200 From: Andreas Stieger <astieger@...e.com> To: Damien Regad <dregad@...tisbt.org> Cc: oss-security@...ts.openwall.com Subject: Re: Re: ADOdb PDO driver: incorrect quoting may allow SQL injection Him On 09/14/16 08:32, Damien Regad wrote: > Should I assume from the silence that no CVE is required for this ? I noticed that in your original e-mail to this list, you did not cc cve-assign. Also note that there are new procedures, including a request form, in addition to the previous recommendation to contact a CNA https://cve.mitre.org/cve/request_id.html Andreas -- Andreas Stieger <astieger@...e.com> Project Manager Security SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg) [ CONTENT OF TYPE application/pgp-signature SKIPPED ]
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ