Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 14 Sep 2016 09:09:18 +0200
From: Andreas Stieger <astieger@...e.com>
To: Damien Regad <dregad@...tisbt.org>
Cc: oss-security@...ts.openwall.com
Subject: Re: Re: ADOdb PDO driver: incorrect quoting may allow
 SQL injection

Him

On 09/14/16 08:32, Damien Regad wrote:
> Should I assume from the silence that no CVE is required for this ? 

I noticed that in your original e-mail to this list, you did not cc
cve-assign. Also note that there are new procedures, including a request
form, in addition to the previous recommendation to contact a CNA
https://cve.mitre.org/cve/request_id.html

Andreas

-- 
Andreas Stieger <astieger@...e.com>
Project Manager Security
SUSE Linux GmbH, GF: Felix Imend├Ârffer, Jane Smithard, Graham Norton,
HRB 21284 (AG N├╝rnberg)




Download attachment "signature.asc" of type "application/pgp-signature" (802 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.