Date: Mon, 30 Mar 2015 19:02:08 +0100 From: Simon McVittie <smcv@...ian.org> To: oss-security@...ts.openwall.com Subject: Re: CVE Request: ikiwiki: cross-site scripting via openid_identifier On 30/03/15 13:40, Vasyl Kaigorodov wrote: > Cross-site scripting flaw in the handling of the openid_identifier > parameterhas been fixed in ikiwiki: > > http://source.ikiwiki.branchable.com/?p=source.git;a=commit;h=18dfba868fe2fb9c64706b2123eb0b3a3ce66a77 > > References: > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781483 > https://bugzilla.redhat.com/show_bug.cgi?id=1207210 > > Can we have a CVE assigned to this please? Please note that Salvatore Bonaccorso already requested a CVE ID for ikiwiki Debian bug 781483; this request covers the same issue. S
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.