Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20111223215808.GA3924@pisco.westfalen.local>
Date: Fri, 23 Dec 2011 22:58:08 +0100
From: Moritz Mühlenhoff <jmm@...til.org>
To: Kurt Seifried <kseifried@...hat.com>
Cc: oss-security@...ts.openwall.com
Subject: Re: CVE request: simplesamlphp / Typo3

On Fri, Dec 23, 2011 at 01:45:25PM -0700, Kurt Seifried wrote:
> On 12/23/2011 01:20 PM, Moritz Muehlenhoff wrote:
> >Hi,
> >
> >1. Please assign a CVE ID for this issue in simplesamlphp we fixed in a DSA
> >a while ago:
> >http://lists.debian.org/debian-security-announce/2011/msg00206.html
> Please use CVE-2011-4625 for this issue

Thanks.
 
> >2. Please assign a CVE ID for these issues in Typo3 we fixed in a DSA
> >a while ago:
> >http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-001/
> >http://lists.debian.org/debian-security-announce/2011/msg00163.html
> 
> Argh. This one will have to wait since 1) I need to assign CVE's for
> ALL the typo3 issues for 2011 

AFAICS all the other Typo3 issues from 2011 have IDs assiged:
TYPO3-CORE-SA-2011-004: CVE-2011-4614
TYPO3-CORE-SA-2011-003: CVE-2011-3584
TYPO3-CORE-SA-2011-002: CVE-2011-3583

Cheers,
       Moritz

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.