Date: Mon, 30 Mar 2015 14:40:19 +0200 From: Vasyl Kaigorodov <vkaigoro@...hat.com> To: oss-security@...ts.openwall.com Subject: CVE Request: ikiwiki: cross-site scripting via openid_identifier Hello, Cross-site scripting flaw in the handling of the openid_identifier parameterhas been fixed in ikiwiki: http://source.ikiwiki.branchable.com/?p=source.git;a=commit;h=18dfba868fe2fb9c64706b2123eb0b3a3ce66a77 References: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781483 https://bugzilla.redhat.com/show_bug.cgi?id=1207210 Can we have a CVE assigned to this please? Thanks. -- Vasyl Kaigorodov | Red Hat Product Security PGP: 0xABB6E828 A7E0 87FF 5AB5 48EB 47D0 2868 217B F9FC ABB6 E828 Come talk to Red Hat Product Security at the Summit! Red Hat Summit 2015 - https://www.redhat.com/summit/ Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.