oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE request: multiple status.net issues

From: Josh Bressers <bressers () redhat com>
Date: Tue, 25 Jan 2011 12:08:05 -0500 (EST)


----- Original Message -----

Hello,

I wanted to get some CVEs assigned for some minor issues that I
reported to
status.net.

syslog message spoofing via newline injections into logging
http://status.net/open-source/issues/2795


Use CVE-2010-4658.



limited XSS in error message contents
http://status.net/open-source/issues/2796 (fixed)


Use CVE-2010-4659.



unsafe use of addslashes for SQL string escapes
http://status.net/open-source/issues/2797 (fixed)



Use CVE-2010-4660.

Thanks.

-- 
    JB
Previous By Date Next
Previous By Thread Next

Current thread: