Date: Fri, 6 Feb 2009 14:09:33 +0100 From: Hanno Böck <hanno@...eck.de> To: oss-security@...ts.openwall.com Cc: Steven Christey <coley@...us.mitre.org> Subject: CVE request: phpbb < 3.0.4 From release notes: "This release fixes some bugs introduced with the changes in 3.0.3, corrects minor issues, fixes two security bugs and also increases performance significantly." "# [Sec] Fixed an issue where deactivated accounts could be re-activated without the required privileges. (Reported by Jorick) # [Sec] Ask for forum password if post within passworded forum quoted in private message. (Reported by nickvergessen)" -- Hanno Böck Blog: http://www.hboeck.de/ GPG: 3DBD3B20 Jabber/Mail: hanno@...eck.de Download attachment "signature.asc " of type "application/pgp-signature" (198 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.