Date: Tue, 22 Jun 2010 13:09:01 -0400 (EDT) From: "Steven M. Christey" <coley@...us.mitre.org> To: oss-security <oss-security@...ts.openwall.com> cc: "Steven M. Christey" <coley@...us.mitre.org>, Matthew Wilkes <enquiries@...culartriangle.eu>, bressers@...hat.com Subject: Re: Re: CVE Request -- Plone -- arbitrary HTML code injection in safe_html On Tue, 22 Jun 2010, Matthew Wilkes wrote: > On 2010-06-21, at 2048, Jan Lieskovsky wrote: > >> Could you allocate a CVE id for this? > > I requested one from MITRE over a week ago, they've not allocated one yet. Use CVE-2010-2422. I am inferring from the hotfixes and digging into past news announcements that the affected versions are 2.1 through 3.3.4. Please let me know if this is erroneous. - Steve
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.