oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE-2013-2060 OpenShift Origin: Potential remote command execution vulnerability in download cart url

From: Kurt Seifried <kseifried () redhat com>
Date: Tue, 07 May 2013 00:16:07 -0600
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

CVE-2013-2060 OpenShift Origin: Potential remote command execution
vulnerability in download cart url

https://bugzilla.redhat.com/show_bug.cgi?id=960363

The code hasn't made it into OpenShift Online/Origin yet, just the
upstream source code, so unlikely many people are affected.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iQIcBAEBAgAGBQJRiJwnAAoJEBYNRVNeJnmTdUAP/iS1YhK5hHF0J4P1dgpcHRjg
TnbsZSHc8Og8nXjoaCd6+0f32FpbYuZHMHxv6ObHI9P2hBYoGFHfB6mJf/z94X3t
mKfs8yDYY/QPZtIayBKYKjLZmKpUAl8f3aNCZEgXSw3jzJy6uQy1t5sQJ15IMbUM
pwj5ajatw8jx5Dk3YbirI9jw8MjTbipHP6z0CBif/q/pKCJDx6h7w2CG7EosKTC6
VfjZIA8w4SAlBnErLpHbgxcZmNZFOCE0xwY5Hs2kGk78PLMbHE+jB/7mefcx0jgQ
OzlDHm+LV5uimLPKmPN6yL7r/rhL+IItCid5CKdmQhnmIK+MWwQ4RCdtQngwjq21
eVe8SDDZCtA32COOesykLJSIn3hWNagQmnQ94+rTucHwYD/4goQWcQG3T8pwu3h+
lF84Hi/BsDBdvTpqwiJhj0HdJcnsDMgm1UvFHv9RSnxo3XOj8bXU8GWitxdYVyfs
FnKtDBE8I8CsX3s4FOHFGEcN8ZHCthkC8mkYEHLoWY213EVAaJw7zSiK8F3orvph
t88ZaD3/21ymz1JTy0GMPNuIa7iwqKvbUCQ3opQlQze9l6X157tFgzsKW/5eEuH7
+OJ/Ft1k7FhZxlabLRRK0oaxdSOqgKapUbL2/L15v68Kniep93FclMrUn2Ufke9/
ipUfyYZbv38c7Km5iXmK
=zblB
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: