oss-sec mailing list archives
Re: CVE request: moinmoin incorrect ACL evaluation for virtual groups
From: Kurt Seifried <kseifried () redhat com>
Date: Tue, 04 Sep 2012 21:07:27 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 09/04/2012 05:44 PM, Raphael Geissert wrote:
Hi, An issue has been discovered in the way MoinMoin evaluates ACLs and virtual groups. The full description and fix is available at: http://hg.moinmo.in/moin/1.9/rev/7b9f39289e16 Could a CVE id be assigned please? Additional reference: http://moinmo.in/SecurityFixes Cheers,
Please use CVE-2012-4404 for this issue. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iQIcBAEBAgAGBQJQRsHvAAoJEBYNRVNeJnmTLdkP/1uxV4FWbihvZUcfpdTpaGTs GJcjfNrox49WJeAw9+vQ/Ijyhboege4WXQotOf4u940bOmXKlTbrwJLfmeRt1Rjx ZyemGP+J4f7EgF1Cq+xZ8y5r8+pZgv2h+zACx4cvKjHsv19maDwRgQmA5PG8ztDQ KY6hyaEvpyM2BQlxOp5/8ImyCfHXxjj4UynwntmDJ11HNH9Orye3jV1aysIrokZe XUMMVa8glkQnw+3AvcMjEv7ZoykdPzlFkR4IcYDubL+cCeSAGxxLJQdcCKU5jPgQ +qxZTqYo6NPLHEr3OLUWI9S5TpYI7Pl+iARiTKZN27YnSDarsgTyqWsuIpkRSF+M ixkZoxiW1QdK+4PwlRPbBMcYpzvjIWVEwKq4WNeNu0WdeQQUEV0Q3ydjAG3pSa9w dQXxhQkmmnSoA990rKZ3kON7iF510b+1Io/v4aDlRS6EIz4AVuatzOUKpiPjb3wl 7bimHScnytXVcbzJT8u8wxzAK6ymGIin598mbQbIyPusXVTWdbZiFlLCihSKxOf9 iTv2Bwg3kajZii8/iTX+eCwTxs62FMYGpee/DOrARHLalnWkGd6djmUwvaduVUTt ZTzmGq6FjOL7JDpHPtrWtaKTD+nRl+B7RWkWTJV7zmWSNBS7q6lUvvIIiXYieACS +3DkLgMjtYDlFDIzPLWk =iQVh -----END PGP SIGNATURE-----
Current thread:
- CVE request: moinmoin incorrect ACL evaluation for virtual groups Raphael Geissert (Sep 04)
- Re: CVE request: moinmoin incorrect ACL evaluation for virtual groups Kurt Seifried (Sep 04)