oss-security - CVE request - asterisk, python-markdown, jetty, kde

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [thread-next>] [day] [month] [year] [list]

Date:  Thu, 29 Oct 2009 09:42:36 -0600
From:  Raphael Geissert <geissert@...ian.org>
To: oss-security@...ts.openwall.com
Subject:  CVE request - asterisk, python-markdown, jetty, kde

Hi,

Could CVEs be assigned for the following issues?

= asterisk =
Unauthorized calls allowed on prohibited networks in asterisk
Reference:
Advisory: http://downloads.asterisk.org/pub/security/AST-2009-007.html

= python-markdown =
Multiple XSS attack vectors
References:
http://code.google.com/p/python-markdown2/issues/detail?id=30
http://code.google.com/p/python-markdown2/issues/detail?id=29
http://secunia.com/advisories/37142/

= kde =
Multiple missing input sanity checks in KDE
Reference:
http://www.ocert.org/advisories/ocert-2009-015.html

= jetty =
Multiple vulnerabilities in jetty
Reference:
http://www.ush.it/team/ush/hack-jetty6x7x/jetty-adv.txt

Thanks.

Regards,
-- 
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.