Date: Mon, 29 Sep 2008 20:22:16 +1000 From: Steffen Joeris <steffen.joeris@...lelinux.de> To: oss-security@...ts.openwall.com Subject: CVE id request: ftpd Hi There seems to be a Cross-site request forgery in ftpd. Upstream used these patches to address the issue. There are also two Debian Bugreports for this issue. Could I please get a CVE id for this? Cheers Steffen : http://lists.grok.org.uk/pipermail/full-disclosure/2008-September/064697.html : http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/ftpd/ftpcmd.y.diff?r1=1.50&r2=1.51&f=h : http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/ftpd/ftpcmd.y.diff?r1=1.51&r2=1.52&f=h : http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=500518 : http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=500278 Download attachment "signature.asc " of type "application/pgp-signature" (198 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.