oss-sec mailing list archives
Re: CVE request: drupal issue in < 5.9
From: Miklos Vajna <vmiklos () frugalware org>
Date: Sat, 26 Jul 2008 21:55:07 +0200
On Sat, Jul 26, 2008 at 09:27:33PM +0200, Nico Golde <oss-security+ml () ngolde de> wrote:
Hi Miklos, * Miklos Vajna <vmiklos () frugalware org> [2008-07-26 21:13]:DRUPAL SA-2008-046 http://drupal.org/node/286417 Contains a session fixation.This is CVE-2008-3222.
Isn't this different? It refers to http://www.openwall.com/lists/oss-security/2008/07/10/3 which is a bug fixed in 5.8. The issue I'm talking about is _not_ fixed in 5.8. Thanks.
Attachment:
_bin
Description:
Current thread:
- CVE request: drupal issue in < 5.9 Miklos Vajna (Jul 26)
- Re: CVE request: drupal issue in < 5.9 Nico Golde (Jul 26)
- Re: CVE request: drupal issue in < 5.9 Miklos Vajna (Jul 26)
- Re: CVE request: drupal issue in < 5.9 Steven M. Christey (Jul 26)
- Re: CVE request: drupal issue in < 5.9 Nico Golde (Jul 27)
- Re: CVE request: drupal issue in < 5.9 Miklos Vajna (Jul 27)
- Re: CVE request: drupal issue in < 5.9 Nico Golde (Jul 27)
- Re: CVE request: drupal issue in < 5.9 Miklos Vajna (Jul 27)
- Re: CVE request: drupal issue in < 5.9 Miklos Vajna (Jul 26)
- Re: CVE request: drupal issue in < 5.9 Nico Golde (Jul 26)