oss-sec mailing list archives

Re: CVE Request for Drupal Contributed Advisories on 2012-04-11

From: Kurt Seifried <kseifried () redhat com>
Date: Wed, 11 Apr 2012 20:06:36 -0600

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 04/11/2012 02:47 PM, Greg Knaddison wrote:

Hello,

Two releases today need CVEs:

http://drupal.org/node/1528614 SA-CONTRIB-2012-058 - Fivestar -
Input Validation


Please use CVE-2012-2096 for this issue.

http://drupal.org/node/1528864 SA-CONTRIB-2012-059 - Autosave -
Cross Site Request Forgery


Please use CVE-2012-2097 for this issue.

Thanks, Greg



- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJPhjisAAoJEBYNRVNeJnmTnfYQAM81Kv+wwD5giwUw6lScrbj+
hUmUckKAHCEm/F+HyXHvTch9IeXGkyyMjpoze28rJlLc9FO8L4YEHxGyzjaR93DY
r5jPApQpjDAzcWOfBqwij6J9zg9FooYg+T+hfgRqE9+HNUVM9C88jti04UgeV5ja
SbR4vpJVs+iDFpoLQ6WZ7asHRJWossn9O2eS05Js+bi7UTysLy66DtocR4oxLHjC
/piwKYP0oQGYw17SNZJJUeITwaYTjm0dmA9w60EZfrQByBtxNRo2A0elbm98+pnX
5foUBnqh76iaqwPUUQZtfqiNa7x5DFfVoJPzL9Bv8D6VPQGiMgHfxGxIdlJAqXQG
WYIqDvs5bi0Sz/e6Qm2rE69cZXvqP4enV2WOTehXceiHymc318xbSuRR+HwnMy4q
rWYHjZI4a1V21vObzYvISVZ1kzQPAG/DMTxagfoGxNj7z2jVbrjNBv5KzxGKHgk+
QecUN584NIvJmwy5kYf/9Sba4H/Ui2/wlpUTb1D4Zc4QixBVyVDXVk/vI4VCzhE2
nqCLeqDonqE10Aw18+rGE3dNJhsJOxVTzUbL0tOFGAu5XLzjAJ7mtySUAnSAOHVN
/2CeGLxI2OGZx+Tps1eq/pWUNC3zyzVUagorE/gyRbaL7GahYzWyy8qJqSw3Av4+
Ft34INBVNXA8rCSXmDo5
=O/Pw
-----END PGP SIGNATURE-----

Current thread:

CVE Request for Drupal Contributed Advisories on 2012-04-11 Greg Knaddison (Apr 11)
- Re: CVE Request for Drupal Contributed Advisories on 2012-04-11 Kurt Seifried (Apr 11)