oss-sec mailing list archives

Re: CVE Request for Drupal contributed modules

From: Henri Salo <henri () nerv fi>
Date: Fri, 15 Jun 2012 09:19:14 +0300

On Wed, Jun 13, 2012 at 08:32:11PM -0600, Kurt Seifried wrote:

CVE-2012-2699 SA-CONTRIB-2012-073 - Glossary - Cross-Site Scripting (XSS)
CVE-2012-2700 SA-CONTRIB-2012-074 - Contact Forms - Access Bypass
CVE-2012-2701 SA-CONTRIB-2012-075 - Take Control - Cross Site Request
Forgery (CSRF)


These were already assigned.

Request: http://www.openwall.com/lists/oss-security/2012/05/10/6
Response: http://www.openwall.com/lists/oss-security/2012/05/11/2

Reject new identifiers or can we use this in future Drupal contrib issues?

- Henri Salo

Current thread:

CVE Request for Drupal contributed modules Greg Knaddison (May 02)
- Re: CVE Request for Drupal contributed modules Kurt Seifried (May 02)
- <Possible follow-ups>
- CVE Request for Drupal contributed modules Greg Knaddison (May 30)
  - Re: CVE Request for Drupal contributed modules Greg Knaddison (Jun 04)
    - Re: CVE Request for Drupal contributed modules Solar Designer (Jun 04)
    - Re: CVE Request for Drupal contributed modules Greg Knaddison (Jun 04)
  - Re: CVE Request for Drupal contributed modules Kurt Seifried (Jun 13)
    - Re: CVE Request for Drupal contributed modules Henri Salo (Jun 14)
    - Re: CVE Request for Drupal contributed modules Kurt Seifried (Jun 15)
    - Re: CVE Request for Drupal contributed modules Steven M. Christey (Jun 27)