oss-sec mailing list archives
CVE requests: ftpls, xdigger, lbreakout2, calibre, typo3
From: Raphael Geissert <geissert () debian org>
Date: Wed, 12 Jan 2011 22:48:06 -0600
Hi, Could CVE ids be assigned for the following issues? Thanks in advance. ftpls: XSS in directory listing http://bugs.debian.org/607494 xdigger: buffer overflow when parsing CLI arguments (it is SGID, at least in Debian) http://bugs.debian.org/609096 lbreakout2: buffer overflow with overly long HOME env var (it is SGID, at least in Debian) http://bugs.debian.org/608980 calibre: XSS and file disclosure http://www.waraxe.us/advisory-77.html http://bugs.debian.org/608822 typo3: 8 vulnerabilities http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-022/ http://seclists.org/fulldisclosure/2010/Dec/690 http://bugs.debian.org/607286 There are more issues without ids, will request them later. Regards, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net
Current thread:
- CVE requests: ftpls, xdigger, lbreakout2, calibre, typo3 Raphael Geissert (Jan 13)
- Re: CVE requests: ftpls, xdigger, lbreakout2, calibre, typo3 Moritz Mühlenhoff (Jan 14)
- Re: CVE requests: ftpls, xdigger, lbreakout2, calibre, typo3 Steven M. Christey (Jan 14)
- Re: CVE requests: ftpls, xdigger, lbreakout2, calibre, typo3 Tomas Hoger (Jan 14)
- Re: CVE requests: ftpls, xdigger, lbreakout2, calibre, typo3 Steven M. Christey (Jan 14)
- Re: CVE requests: ftpls, xdigger, lbreakout2, calibre, typo3 Josh Bressers (Jan 14)
- Re: CVE requests: ftpls, xdigger, lbreakout2, calibre, typo3 Moritz Mühlenhoff (Jan 14)