oss-sec mailing list archives
Re: CVE Request for Drupal contributed modules
From: Kurt Seifried <kseifried () redhat com>
Date: Fri, 15 Jun 2012 01:38:34 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 06/15/2012 12:19 AM, Henri Salo wrote:
On Wed, Jun 13, 2012 at 08:32:11PM -0600, Kurt Seifried wrote:CVE-2012-2699 SA-CONTRIB-2012-073 - Glossary - Cross-Site Scripting (XSS) CVE-2012-2700 SA-CONTRIB-2012-074 - Contact Forms - Access Bypass CVE-2012-2701 SA-CONTRIB-2012-075 - Take Control - Cross Site Request Forgery (CSRF)These were already assigned. Request: http://www.openwall.com/lists/oss-security/2012/05/10/6 Response: http://www.openwall.com/lists/oss-security/2012/05/11/2 Reject new identifiers or can we use this in future Drupal contrib issues? - Henri Salo
Thanks, I didn't check my previous email (like I'm supposed to, to make sure exact scenario doesn't happen). Please reject the following 3 CVE's, they were previously assigned: CVE-2012-2699 SA-CONTRIB-2012-073 - Glossary - Cross-Site Scripting (XSS) CVE-2012-2700 SA-CONTRIB-2012-074 - Contact Forms - Access Bypass CVE-2012-2701 SA-CONTRIB-2012-075 - Take Control - Cross Site Request Forgery (CSRF) - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJP2uZ6AAoJEBYNRVNeJnmT4/AP/1BxvFh3bWBsVKvnqrLDChiH UPlvTF8RMBjrS99dpf+K/23jj4oTacOklt8e0VUfLXEf6yZ5/hvlduFc6QrE0LGU O4XsYxo8kMEv5P4XQcTVVBuB5RZEqQ5njoaCfdWTPBRB06333aE07b+hZLc25loZ 037acu6EkLyrk0XG99J3vOabUP+UKGkhkSz5L/t5czvqsSztoelm2z6LCjeUI9Zb UhmldabB4sPoYyFTHHmk01gKgibpR3Ck9MTW0bpFtAkTGN9xiPecysBrruvpvvRz UBmz+hQ0/7c0ebNH8dB/axJqUx/70cxirYNj/FlF+YCW4ZH4ceLpefzndE3Vp2Pb UAznBwikXDMRSpa+DsB+NL/inP52PTbsrUGwRZUdyzn4PNcdag6OA1eXluTglxTS Va7es8Q5Th10lXYHTRV558zR80jHkvHDlGu8/vPYne87d9yzYSiyRYvkQonZ1y2M 9bQSLq63OqBabnM+NTSVODGJ8R6OlISyO5m7dbw7bv39OPY7W/sl8cVvCof+7YdM vuYYSQMQXLZIMu9V8lpi+zWj5F+Ym/c2dQCCQbhd2uN8n682o2nNPDqgJyKgCW7o kC7E48xyI9HNPfg5jWZ58jrVLC1NJR+oCqc8OHLik9n/MLSKqKoJnUgpDc/tirvx gBj4hwWsuO+JQEQs+KcG =Xe5H -----END PGP SIGNATURE-----
Current thread:
- CVE Request for Drupal contributed modules Greg Knaddison (May 02)
- Re: CVE Request for Drupal contributed modules Kurt Seifried (May 02)
- <Possible follow-ups>
- CVE Request for Drupal contributed modules Greg Knaddison (May 30)
- Re: CVE Request for Drupal contributed modules Greg Knaddison (Jun 04)
- Re: CVE Request for Drupal contributed modules Solar Designer (Jun 04)
- Re: CVE Request for Drupal contributed modules Greg Knaddison (Jun 04)
- Re: CVE Request for Drupal contributed modules Greg Knaddison (Jun 04)
- Re: CVE Request for Drupal contributed modules Kurt Seifried (Jun 13)
- Re: CVE Request for Drupal contributed modules Henri Salo (Jun 14)
- Re: CVE Request for Drupal contributed modules Kurt Seifried (Jun 15)
- Re: CVE Request for Drupal contributed modules Steven M. Christey (Jun 27)