Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 15 Sep 2016 09:43:04 +0200
From: Damien Regad <dregad@...tisbt.org>
To: oss-security@...ts.openwall.com
Subject: Re: ADOdb PDO driver: incorrect quoting may allow SQL injection

cve-assign wrote:

> Because "security" is still present in the title and labels of 226,
> we're making the conclusion that this is a security problem and
> assigning an ID, CVE-2016-7405.

Thank you. 

> The current situation is that the CVE Team at MITRE receives both the
> oss-security messages and the https://cveform.mitre.org form output.
> We let people choose either method for obtaining a CVE ID from us,
> depending on their disclosure goals, their perspective about open
> pre-assignment discussion, or other factors. 

Thanks for the clarification. 



Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ