oss-sec mailing list archives

Re: CVE request for Drupal contrib modules

From: Kurt Seifried <kseifried () redhat com>
Date: Wed, 17 Jul 2013 00:03:37 -0600

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/16/2013 03:36 PM, Forest Monsen wrote:

Hi there,

I'd like to request CVE identifiers for:

SA-CONTRIB-2013-055 - Hatch - Cross Site Scripting 
https://drupal.org/node/2038363


Please use CVE-2013-4138 for this issue.

SA-CONTRIB-2013-056 - Stage File Proxy - Denial of Service 
https://drupal.org/node/2038801



Please use CVE-2013-4139 for this issue.

SA-CONTRIB-2013-057 - TinyBox - Cross Site Scripting (XSS) 
https://drupal.org/node/2038807



Please use CVE-2013-4140 for this issue.

Thanks!

Forest



- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iQIcBAEBAgAGBQJR5jO5AAoJEBYNRVNeJnmTrqcP/0I1Q++UVyJlYnfMYFjllcpJ
1YVURdWIazG/12bx5RIBPK5FFDKbsTpgLdFW9bJ8kqquUC3AVawGxbVh7mcdMHOQ
qqGmY2pKTuESTCzGmXYA6Ktyelfdbo5mr9KzrewHLdMCzUyRS50jmTZWUobKK3du
yvOT8hPfPoZB/1xP2bI7dNufcYCapMCgSJBwg9pOPCsXA2kFRIvtmuxKFpjC69LC
xZeQkNxfQL1Dv3oXzjxeOJTZiNQeCcnu0oSjsGr/axccpEpMKSgUaKa8Wx+F1hG4
6VjAXiVpcjWuu/A9u8Ms/blUht/EeGFTqXnjxvK2Kfepu4EgAcdMrwzZLawlx/z+
SgnbJXh6XRNYOIDPyiBsmpJkakn/xdZe/vk25KxafUg6f3OhSePR04ZE2xCYDa5m
xsdVFycKlQkLzCnQFwp2VtUelX59pjW2X35oLBkU2AGwbrFk9XGWseMYXcDwIG4I
e17Y01nMIt2eLSh2sgNhzbjqxpA6owV5ItAzRb28CfGG1fIag1O3uBKowZjiu+R7
1wJLU/Ww7ILho7C6ZeG4B6yaFzdipzJclVA++/OhxNpd/2je0Kt3x34xoEnPkHam
A51m6spUf5TZhpIj7ZQuUhmgLf/DYTUcCujagRFKocZXYf/1M5/NH7ItK/6uBoY2
HbnvcvT8zJFcII7IkhHi
=MTgT
-----END PGP SIGNATURE-----

Current thread:

CVE request for Drupal contrib modules Forest Monsen (Jul 16)
- Re: CVE request for Drupal contrib modules Kurt Seifried (Jul 16)
- <Possible follow-ups>
- CVE request for Drupal contrib modules Forest Monsen (Sep 03)
  - Re: CVE request for Drupal contrib modules Kurt Seifried (Sep 11)