oss-sec mailing list archives
Re: CVE Request -- Drupal v6.16 / v5.22 SA-CORE-2010-001
From: Josh Bressers <bressers () redhat com>
Date: Mon, 28 Jun 2010 16:37:38 -0400 (EDT)
As best as I can tell, none of these have CVE ids. (sorry for missing these) Here goes. ----- "Henri Salo" <henri () nerv fi> wrote:
On Mon, 08 Mar 2010 20:36:55 +0100 Jan Lieskovsky <jlieskov () redhat com> wrote:Hi Steve, vendors, multiple security issues have been addressed within SA-CORE-2010-001: * Installation cross site scripting
CVE-2010-2250
* Open redirection
CVE-2010-2471
* Locale module cross site scripting
CVE-2010-2472
* Blocked user session regeneration
CVE-2010-2473
References: [1] http://drupal.org/node/731710 [2] http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036472.html
[3] http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036619.html
[4] http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036583.html
Could you allocate CVE ids for these?Did this get CVE-identifiers?
Thanks. -- JB
Current thread:
- Re: CVE Request -- Drupal v6.16 / v5.22 SA-CORE-2010-001 Henri Salo (Jun 28)
- Re: CVE Request -- Drupal v6.16 / v5.22 SA-CORE-2010-001 Josh Bressers (Jun 28)