Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 19 Nov 2008 11:07:45 -0800
From: Kees Cook <>
Cc: "Steven M. Christey" <>
Subject: CVE request: CUPS DoS via RSS subscriptions


I'd like to get a CVE assigned for the RSS subscription DoS mentioned
here[1].  It seems that CUPS upstream already fixed[2] the issue[3] in
their 1.3.8 release.  Prior to 1.3.8, the server can be made to crash
when visiting a malicious website due to CUPS general CSRF issues.




Kees Cook
Ubuntu Security Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.