Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 13 Apr 2011 15:26:25 +0200
From: Joey Schulze <joey@...odrom.org>
To: oss-security@...ts.openwall.com
Subject: CVE id request: mahara / HTML Purifier

Could we get CVE id(s) for these security problems discovered in
HTML Purifier (emedded in older versions of mahara as well).

Patches are attached.

They originate from HTML Purifier

http://htmlpurifier.org/news/2011/0327-4.3.0-released

Regards,

	Joey

-- 
Experience is something you don't get until just after you need it.

View attachment "css_url_escaping.dpatch" of type "text/plain" (1146 bytes)

View attachment "font_family_attacks.dpatch" of type "text/plain" (8737 bytes)

View attachment "ie_innerhtml_backticks.dpatch" of type "text/plain" (2168 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.