oss-sec mailing list archives
Re: CVEs requests for Drupal Core (SA-CORE-2015-003)
From: Pere Orga <pere () orga cat>
Date: Thu, 27 Aug 2015 13:31:54 +0200
Hi Salvatore On Thu, Aug 27, 2015 at 8:29 AM, Salvatore Bonaccorso <carnil () debian org> wrote:
Hi Pere On Fri, Aug 21, 2015 at 07:53:29PM +0200, Pere Orga wrote:Please can I have CVE IDs assigned to the following vulnerabilities: Cross-site Scripting - Ajax system - Drupal 7 Cross-site Scripting - Autocomplete system - Drupal 6 and 7 SQL Injection - Database API - Drupal 7 Cross-site Request Forgery - Form API - Drupal 6 and 7 Information Disclosure in Menu Links - Access system - Drupal 6 and 7 See https://www.drupal.org/SA-CORE-2015-003 for details.For reference: Looks like these five CVEs were assigned: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6658 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6659 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6660 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6661 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6665
Updated on our side, thanks. Regards Pere
Current thread:
- CVEs requests for Drupal Core (SA-CORE-2015-003) Pere Orga (Aug 21)
- Re: CVEs requests for Drupal Core (SA-CORE-2015-003) Salvatore Bonaccorso (Aug 26)
- Re: CVEs requests for Drupal Core (SA-CORE-2015-003) Pere Orga (Aug 27)
- Re: CVEs requests for Drupal Core (SA-CORE-2015-003) Salvatore Bonaccorso (Aug 26)