Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 27 Jun 2012 01:12:12 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: Nicolas Grégoire <nicolas.gregoire@...rri.fr>
Subject: Re: XXE in Zend

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 06/26/2012 06:12 AM, Nicolas Grégoire wrote:
> Hello,
> 
> this Zend XXE vulnerability was published without a CVE: 
> http://framework.zend.com/security/advisory/ZF2012-01
> 
> Regards, Nicolas
> 

Please use CVE-2012-3363 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJP6rJMAAoJEBYNRVNeJnmTjT8P/0xt69iPnvQzTzBXqkIkrfK1
al1wlJLH5mXL9ajQ90uuGSrR3/8dzcwcE4/jmYn5f4yAt1dBSYFppSFQfBHl2XXb
f527RFzHtNr8corGRJW4doqbOqHnNADpvIh/uVBcVL8p4NONlnBhho9N9ymH/YF3
zF1Rg4DlbiIdSL60jd0Ws3aZp+kdX6vU6tVsWyyT2ML6M4YRJ1YDgp2iz/vd/US7
CKgAjdZ6Zs98CYCFTFjm+SsHCoSp5QkyZF7CIrrnRJzVRn5g9Bwdc85S7fwW3zuq
ahfuReWXEwUCP4QUm2GKUotclZrwQ78RjvVGNB5CHPYEMZcA8eDGIE79intoY1Vf
z652Ltx79N0wTFfV1hFh5/JM7EwKXPVHdHv+GCIP/9vGQioH7FEEByOmye1kzW4o
AeIM345Wo5H8D0/hHVggvkUvWrOSbo/zWIEF4/ji6+Fm3hqVEfWQJ0+QnvvP1RRR
7JQVGY4hw9vP6UMI26C+1T2Mo+S2iXzQL3Xj1SxUKcbwvq7ZnV0Bc3qbVTibgKku
TPNKiJDgpsER4GCe4+f8+LX37JctQJaG8KAnIMEwvwCSBIkkpH+F0SQczVF+paUx
vMaFiyu6mRyCsO7AjKFnJQf3e1NHCihCvqZpxg4AyQLBCgThjrL1RLAHaut6VUmH
XING7OYKU3X2rTm24AZU
=YFqh
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.