oss-sec mailing list archives

Re: CVE request: simplesamlphp / Typo3

From: Moritz Mühlenhoff <jmm () inutil org>
Date: Fri, 23 Dec 2011 22:58:08 +0100

On Fri, Dec 23, 2011 at 01:45:25PM -0700, Kurt Seifried wrote:

On 12/23/2011 01:20 PM, Moritz Muehlenhoff wrote:

Hi,

1. Please assign a CVE ID for this issue in simplesamlphp we fixed in a DSA
a while ago:
http://lists.debian.org/debian-security-announce/2011/msg00206.html

Please use CVE-2011-4625 for this issue


Thanks.

2. Please assign a CVE ID for these issues in Typo3 we fixed in a DSA
a while ago:
http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-001/
http://lists.debian.org/debian-security-announce/2011/msg00163.html


Argh. This one will have to wait since 1) I need to assign CVE's for
ALL the typo3 issues for 2011


AFAICS all the other Typo3 issues from 2011 have IDs assiged:
TYPO3-CORE-SA-2011-004: CVE-2011-4614
TYPO3-CORE-SA-2011-003: CVE-2011-3584
TYPO3-CORE-SA-2011-002: CVE-2011-3583

Cheers,
       Moritz

Current thread:

CVE request: simplesamlphp / Typo3 Moritz Muehlenhoff (Dec 23)
- Re: CVE request: simplesamlphp / Typo3 Kurt Seifried (Dec 23)
  - Re: CVE request: simplesamlphp / Typo3 Moritz Mühlenhoff (Dec 23)
    - Re: CVE request: simplesamlphp / Typo3 Kurt Seifried (Dec 23)