Date: Wed, 19 Jul 2017 23:37:28 +1200 From: Matthew Daley <mattd@...fuzz.com> To: Henri Salo <henri@...v.fi> Cc: Kurt Seifried <kurt@...fried.org>, oss-security@...ts.openwall.com Subject: Re: ATutor CVE-2017-1000002, CVE-2017-1000003, CVE-2017-1000004 JFTR: On 17 July 2017 at 00:01, Henri Salo <henri@...v.fi> wrote: > Is this assigment somehow related to this oss-security post? > http://www.openwall.com/lists/oss-security/2016/07/01/3 Yes. CVE-2017-1000002 = issues #26 and #32 CVE-2017-1000003 = issues #29 to #31 CVE-2017-1000004 = issues #1 to #25, #27 and #28 (but issue #25 should probably be in CVE-2017-1000003 as it's a missing auth check, not a SQL injection) HTH, - Matthew
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ