Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 28 Nov 2012 09:44:53 -0700
From: Vincent Danen <vdanen@...hat.com>
To: Ricardo Mones <ricardo@...es.org>
Cc: oss-security@...ts.openwall.com
Subject: Re: CVE request -- vCalendar plugin for Claws Mail:
 credentials exposed on interface

* [2012-11-15 13:36:13 +0100] Ricardo Mones wrote:

>  This has been reported on our bugzilla:
>  http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=2782
>
>  There's still not fix available. Could a CVE id be allocated for this if
>appropriate?
>
>  thanks in advance,
>
>P.S.: I'm not subscribed to the list.

I don't know if this ever got a CVE or not; if it did I don't see a
reference.

Also, according to this bug report it's fixed, but I can't find the
patch in your CVS tracker.  Can you provide a link to it?

And, if a CVE hasn't been assigned, perhaps Kurt or someone could assign
one?

-- 
Vincent Danen / Red Hat Security Response Team 

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.