Date: Wed, 14 Sep 2016 09:09:18 +0200 From: Andreas Stieger <astieger@...e.com> To: Damien Regad <dregad@...tisbt.org> Cc: oss-security@...ts.openwall.com Subject: Re: Re: ADOdb PDO driver: incorrect quoting may allow SQL injection Him On 09/14/16 08:32, Damien Regad wrote: > Should I assume from the silence that no CVE is required for this ? I noticed that in your original e-mail to this list, you did not cc cve-assign. Also note that there are new procedures, including a request form, in addition to the previous recommendation to contact a CNA https://cve.mitre.org/cve/request_id.html Andreas -- Andreas Stieger <astieger@...e.com> Project Manager Security SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg) Download attachment "signature.asc" of type "application/pgp-signature" (802 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.