oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE request: letodms multiple issues

From: Kurt Seifried <kseifried () redhat com>
Date: Mon, 27 Aug 2012 23:49:51 -0600
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08/27/2012 11:12 PM, Raphael Geissert wrote:

On Monday 27 August 2012 20:32:16 Kurt Seifried wrote:

On 08/27/2012 02:43 PM, Raphael Geissert wrote:

Multiple vulnerabilities have been found in LetoDMS[1]. Could
CVE ids be assigned, please? Thanks in advance.

[...]

major security update which fixeѕ lots of possible XSS and
CSRF

attacts


That's two sets of vulns, can you send me the links to the code 
updates? I'm assuming they are in 
http://mydms.svn.sourceforge.net/viewvc/mydms/ somewhere?
Thanks.


Not helpful, it's all in: 
http://mydms.svn.sourceforge.net/viewvc/mydms?view=revision&revision=853

 Cheers,


Welp if someone summarizes it I'll assign CVE's happily =).


- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/

iQIcBAEBAgAGBQJQPFv/AAoJEBYNRVNeJnmTKNYQAIB32eJHAlSy2QpKKHwMmhzd
MKJQGtjhylmMainr5c3TapFibCYypov7/cmNHQcpH8taC7iwOvg0lPqEp815gK7p
MCtvT+hS8DhnxGaUZkrQYoryJorKtk8rHdhIy3GJHoFRcdRPwR2VK2ZPUygeh4+c
izrwt6oLo1GCABM3+sCOl4zhJJSAfYqflHg6co190HlQLQjs2xlQbA4NkZPbQeP/
SD8VQxWhvFnFgLy5wXn58NyONOYNegkzJ1/islPMac5+cwDhu0Kay4cIn3KW5V0/
pRe1ePz6KFe/8/GbiUCbGKvuD65AzK9LHis2JjqAqtz69DoJ6EsY1v6Tb047XCwZ
A5guJbs/i9nLH4vw7gIfGczaGW3mNdkQl8U0NlNjfEg59hyPRJcMVZhoiRI98JFX
7XtVveK5cmpkC+eyx4frRlgeT7T2rE7khUdEdH8n1m71O7z/gaFWojXTHWNLOJ2h
Hu0UkDQ84eMoDMS/GRoO0vaOcSJBwlvsk1NwcI8Dvg2jS3pCMy7SuN6K1aFRTn6f
9P6hF++0uQKobgMXWRTDBDskU/C2s0j+IomjcCQtlRHHiZBsgIlaH+ofYTeV1p9Z
7rYcRK3N+xwmU3zoEI4acpR40xD3dnUfIZ1tHeuXgG7A6oGSP3tQKLrHXAnT4GqU
jjIqR4fuJDmD1T6RYrtW
=jVGZ
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: