oss-sec mailing list archives
Re: CVE Request for Drupal contributed modules
From: Greg Knaddison <greg.knaddison () acquia com>
Date: Mon, 4 Jun 2012 11:02:57 -0600
I didn't see a response nor this message in the archives at http://www.openwall.com/lists/oss-security/2012/05/ But I do see it in twitter at https://twitter.com/oss_security/status/207950141695606784 Is that lack of acknowledgment a subtle way to say "Greg, you really really need to sign your mails!" If so I will figure it out :) Greg On Wed, May 30, 2012 at 2:54 PM, Greg Knaddison <greg.knaddison () acquia com> wrote:
Hello, This is a batch CVE request for several advisories of contributed modules released recently. Let me know if you have any questions. Thanks, Greg Knaddison on behalf of the Drupal Security Team http://drupal.org/node/1608864 | SA-CONTRIB-2012-090 - File depot - Session Management Vulnerability http://drupal.org/node/1608854 | SA-CONTRIB-2012-089 - Counter - SQL Injection (unsupported) http://drupal.org/node/1608828 | SA-CONTRIB-2012-088 - Mobile Tools - Cross Site Scripting (XSS) http://drupal.org/node/1608822 | SA-CONTRIB-2012-087 - Comment Moderation - Cross Site Request Forgery http://drupal.org/node/1608780 | SA-CONTRIB-2012-086 - Amadou - Cross Site Scripting http://drupal.org/node/1597414 | SA-CONTRIB-2012-085 - BrowserID - Multiple Vulnerabilities * CSRF that leads to privilege escalation/impersonation http://drupal.org/node/1597364 | SA-CONTRIB-2012-084 - Search API - Cross Site Scripting (XSS) http://drupal.org/node/1597262 | SA-CONTRIB-2012-083 - Taxonomy List - Cross Site Scripting (XSS) http://drupal.org/node/1585960 | SA-CONTRIB-2012-082 - Zen - Cross Site Scripting http://drupal.org/node/1585890 | SA-CONTRIB-2012-081 - Aberdeen - Cross Site Scripting http://drupal.org/node/1585678 | SA-CONTRIB-2012-080 - Hostmaster (Aegir) - Access Bypass and Cross Site Scripting (XSS) http://drupal.org/node/1585648 | SA-CONTRIB-2012-079 - Post Affiliate Pro - Cross Site Scripting (XSS) and Access Bypass - Unsupported http://drupal.org/node/1585564 | SA-CONTRIB-2012-078 - Smart Breadcrumb - Cross Site Scripting (XSS) http://drupal.org/node/1585544 | SA-CONTRIB-2012-077 - Advertisement - Cross Site Scripting & Information Disclosure http://drupal.org/node/1585532 | SA-CONTRIB-2012-076 - Ubercart Product Keys Access Bypass -- Director Security Services | +1-720-310-5623 Skype: greg.knaddison | http://twitter.com/greggles | http://acquia.com
-- Director Security Services | +1-720-310-5623 Skype: greg.knaddison | http://twitter.com/greggles | http://acquia.com
Current thread:
- CVE Request for Drupal contributed modules Greg Knaddison (May 02)
- Re: CVE Request for Drupal contributed modules Kurt Seifried (May 02)
- <Possible follow-ups>
- CVE Request for Drupal contributed modules Greg Knaddison (May 30)
- Re: CVE Request for Drupal contributed modules Greg Knaddison (Jun 04)
- Re: CVE Request for Drupal contributed modules Solar Designer (Jun 04)
- Re: CVE Request for Drupal contributed modules Greg Knaddison (Jun 04)
- Re: CVE Request for Drupal contributed modules Greg Knaddison (Jun 04)
- Re: CVE Request for Drupal contributed modules Kurt Seifried (Jun 13)
- Re: CVE Request for Drupal contributed modules Henri Salo (Jun 14)
- Re: CVE Request for Drupal contributed modules Kurt Seifried (Jun 15)
- Re: CVE Request for Drupal contributed modules Steven M. Christey (Jun 27)