oss-sec mailing list archives
Re: CVE-request: Joomla core information disclosure 1.7.1
From: Henri Salo <henri () nerv fi>
Date: Fri, 2 Mar 2012 08:58:27 +0200
On Thu, Mar 01, 2012 at 10:14:40PM -0700, Kurt Seifried wrote:
On 03/01/2012 02:07 PM, Henri Salo wrote:Hello, It seems that this issue does not yet have CVE-identifier. http://developer.joomla.org/security/news/371-20111002-core-information-disclosure.html I can't never be sure with Joomla so maybe someone wants to verify this before assigment. - Henri SaloLooks like you asked for one for 20111001 (http://seclists.org/oss-sec/2011/q4/89) but I can't find a request for 20111002 anywhere. For Joomla! core information disclosure 20111002 please use CVE-2011-4937. -- Kurt Seifried Red Hat Security Response Team (SRT)
http://seclists.org/oss-sec/2012/q1/524 so the CVE seems to be CVE-2011-3629. Sorry again for the hassle. I think CVE-2011-4937 is now duplicate. How do we get Joomla's security personnel to request CVE-identifiers by themselves and add them to advisories? They do belong to oCERT. - Henri Salo ps. SORRY :)
Current thread:
- CVE-request: Joomla core information disclosure 1.7.1 Henri Salo (Mar 01)
- Re: CVE-request: Joomla core information disclosure 1.7.1 Henri Salo (Mar 01)
- Re: CVE-request: Joomla core information disclosure 1.7.1 Kurt Seifried (Mar 01)
- Re: CVE-request: Joomla core information disclosure 1.7.1 Henri Salo (Mar 01)
- Re: CVE-request: Joomla core information disclosure 1.7.1 Kurt Seifried (Mar 02)
- Re: CVE-request: Joomla core information disclosure 1.7.1 Kurt Seifried (Mar 02)
- Re: CVE-request: Joomla core information disclosure 1.7.1 Henri Salo (Mar 02)
- Re: CVE-request: Joomla core information disclosure 1.7.1 Henri Salo (Mar 01)