Date: Mon, 28 Jun 2010 16:37:38 -0400 (EDT) From: Josh Bressers <bressers@...hat.com> To: oss-security@...ts.openwall.com Cc: coley <coley@...re.org> Subject: Re: CVE Request -- Drupal v6.16 / v5.22 SA-CORE-2010-001 As best as I can tell, none of these have CVE ids. (sorry for missing these) Here goes. ----- "Henri Salo" <henri@...v.fi> wrote: > On Mon, 08 Mar 2010 20:36:55 +0100 > Jan Lieskovsky <jlieskov@...hat.com> wrote: > > > Hi Steve, vendors, > > > > multiple security issues have been addressed within > > SA-CORE-2010-001: > > > > * Installation cross site scripting CVE-2010-2250 > > * Open redirection CVE-2010-2471 > > * Locale module cross site scripting CVE-2010-2472 > > * Blocked user session regeneration CVE-2010-2473 > > References: > >  http://drupal.org/node/731710 > >  > > http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036472.html > >  > > http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036619.html > >  > > http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036583.html > > > > Could you allocate CVE ids for these? > > > > Did this get CVE-identifiers? > Thanks. -- JB
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.