Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sat, 2 Aug 2008 17:59:19 +0200
From: Hanno Böck <>
Subject: CVE request: Contenido < 4.8.7, < 4.6.24

Upstream information is very limited.

From their webpage
"Contenido in den Versionen 4.6.24 und 4.8.7 erschienen. Beide Versionen 
beheben die relevanten Sicherheitslücken. "
(in english something like: contenido released in version 4.6.24 and 4.8.7. 
Both versions fix the relevant security issues.)

Changelog in 4.8 is missing, changelog in 4.6.24 states:
"- Bugfixes / Hotfixes zu u.a. CON-148, CON-150, CON-152
- diverse Hotfixes fuer potentielle Luecken"
(bugfixes/hotfixes for CON-148, CON-150, CON-152 and others, several hotfixes 
for potential vulnerabilities)

I think CON-xxx is some kind of internal advisory numbering, but I found 
nowhere what CON-xxx is.

Hanno Böck		Blog:
GPG: 3DBD3B20		Jabber/Mail:

Download attachment "signature.asc " of type "application/pgp-signature" (198 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.