oss-sec mailing list archives

Re: CVE request : client-side file creation via XSLT in Webkit

From: Deb Mazurek <dmazurek () securityfocus com>
Date: Mon, 09 May 2011 13:03:29 -0600

Is this related to CVE-2011-1425 as described in
http://www.aleksey.com/pipermail/xmlsec/2011/009120.html



On Mon, 2011-05-09 at 14:59 -0400, Steven M. Christey wrote:

All,

Note that due to all the Apple/Google confusion, we recently arranged for 
Google to become a CVE CNA (i.e. have their own CVEs), and now they are 
the primary coordinator for CVE assignment in Webkit issues (specifically, 
Chris Evans).  Not sure whether the current issue has CVE coverage or not.

- Steve

Current thread:

CVE request : client-side file creation via XSLT in Webkit Nicolas Grégoire (May 09)
- Re: CVE request : client-side file creation via XSLT in Webkit Josh Bressers (May 09)
  - Re: CVE request : client-side file creation via XSLT in Webkit Steven M. Christey (May 09)
    - Re: CVE request : client-side file creation via XSLT in Webkit Deb Mazurek (May 09)
- Re: CVE request : client-side file creation via XSLT in Webkit Steven M. Christey (May 09)
  - Re: CVE request : client-side file creation via XSLT in Webkit Nicolas Grégoire (May 11)
    - Re: CVE request : client-side file creation via XSLT in Webkit Nicolas Grégoire (May 17)
    - Re: CVE request : client-side file creation via XSLT in Webkit Nicolas Grégoire (May 23)