Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <Pine.GSO.4.64.1006221302370.12832@faron.mitre.org>
Date: Tue, 22 Jun 2010 13:09:01 -0400 (EDT)
From: "Steven M. Christey" <coley@...us.mitre.org>
To: oss-security <oss-security@...ts.openwall.com>
cc: "Steven M. Christey" <coley@...us.mitre.org>,
        Matthew Wilkes <enquiries@...culartriangle.eu>, bressers@...hat.com
Subject: Re: Re: CVE Request -- Plone -- arbitrary HTML code
 injection in safe_html


On Tue, 22 Jun 2010, Matthew Wilkes wrote:

> On 2010-06-21, at 2048, Jan Lieskovsky wrote:
>
>> Could you allocate a CVE id for this?
>
> I requested one from MITRE over a week ago, they've not allocated one yet.

Use CVE-2010-2422.

I am inferring from the hotfixes and digging into past news announcements 
that the affected versions are 2.1 through 3.3.4.  Please let me know if 
this is erroneous.

- Steve

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.