oss-sec mailing list archives
CVE request: multiple status.net issues
From: Kees Cook <kees () ubuntu com>
Date: Mon, 24 Jan 2011 13:38:27 -0800
Hello, I wanted to get some CVEs assigned for some minor issues that I reported to status.net. syslog message spoofing via newline injections into logging http://status.net/open-source/issues/2795 limited XSS in error message contents http://status.net/open-source/issues/2796 (fixed) unsafe use of addslashes for SQL string escapes http://status.net/open-source/issues/2797 (fixed) Thanks, -Kees -- Kees Cook Ubuntu Security Team
Current thread:
- CVE request: multiple status.net issues Kees Cook (Jan 24)
- Re: CVE request: multiple status.net issues Josh Bressers (Jan 25)