Date: Wed, 13 Apr 2011 15:26:25 +0200 From: Joey Schulze <joey@...odrom.org> To: oss-security@...ts.openwall.com Subject: CVE id request: mahara / HTML Purifier Could we get CVE id(s) for these security problems discovered in HTML Purifier (emedded in older versions of mahara as well). Patches are attached. They originate from HTML Purifier http://htmlpurifier.org/news/2011/0327-4.3.0-released Regards, Joey -- Experience is something you don't get until just after you need it. View attachment "css_url_escaping.dpatch" of type "text/plain" (1146 bytes) View attachment "font_family_attacks.dpatch" of type "text/plain" (8737 bytes) View attachment "ie_innerhtml_backticks.dpatch" of type "text/plain" (2168 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.