oss-sec mailing list archives
Re: CVE request: multiple status.net issues
From: Josh Bressers <bressers () redhat com>
Date: Tue, 25 Jan 2011 12:08:05 -0500 (EST)
----- Original Message -----
Hello, I wanted to get some CVEs assigned for some minor issues that I reported to status.net. syslog message spoofing via newline injections into logging http://status.net/open-source/issues/2795
Use CVE-2010-4658.
limited XSS in error message contents http://status.net/open-source/issues/2796 (fixed)
Use CVE-2010-4659.
unsafe use of addslashes for SQL string escapes http://status.net/open-source/issues/2797 (fixed)
Use CVE-2010-4660. Thanks. -- JB
Current thread:
- CVE request: multiple status.net issues Kees Cook (Jan 24)
- Re: CVE request: multiple status.net issues Josh Bressers (Jan 25)