oss-sec mailing list archives

Re: CVE request: dotclear before 2.2.3

From: Josh Bressers <bressers () redhat com>
Date: Fri, 15 Apr 2011 14:11:15 -0400 (EDT)



----- Original Message -----

My french isn't that good:
http://fr.dotclear.org/blog/post/2011/04/01/Dotclear-2.2.3

But that sounds like a security issue:
"Pour en revenir à cette version, signalons qu'elle contient la
correction d'une faille de sécurité signalée il y a quelque temps par
Raphaël — que nous remercions au passage —, ainsi qu'une correction
attendue pour la génération manuelle des miniatures."


Please use CVE-2011-1584.

The google translate is pretty vague, if someone has more details please
speak up:

"To come back to this version, note that it contains the
correcting a security flaw reported some time ago by
Raphael - we appreciate the way - and a correction
expected to generate manual thumbnail. "

Thanks.

-- 
    JB

Current thread:

CVE request: dotclear before 2.2.3 Hanno Böck (Apr 13)
- Re: CVE request: dotclear before 2.2.3 Franck Paul (Apr 14)
- Re: CVE request: dotclear before 2.2.3 Josh Bressers (Apr 15)
  - Re: CVE request: dotclear before 2.2.3 JcDenis (Apr 15)