Guardian Digital WebTool

oss-security September 2011 archive

Main Archive Page > Month Archives > oss-security archives

oss-security: Re: [oss-security] CVE requests: Typo3

Re: [oss-security] CVE requests: Typo3

From: Josh Bressers <bressers_at_nospam>
Date: Fri Sep 30 2011 - 14:58:42 GMT
To: oss-security@lists.openwall.com

----- Original Message -----
> Hi,
> please assign CVE IDs for two new Typo3 issues:
>
> 1. TYPO3-CORE-SA-2011-002: Potential SQL injection vulnerability in TYPO3
> Core
> http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-002/
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=641682

Use CVE-2011-3583 for this.

>
> 2. TYPO3-CORE-SA-2011-003: Improper error handling could lead to cache
> flooding in TYPO3 Core
> http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-003/
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=641683
>

Use CVE-2011-3584 for this.

Thanks.

-- JB

This message: [ Message body ]
Next message: Josh Bressers: "Re: [oss-security] CVE Request: samba, cifs-utils"
Previous message: Josh Bressers: "Re: [oss-security] CVE Request: Advanced Electron Forums (AEF) 1.0.9 <= Cross Site Request Forgery (CSRF) Vulnerability"
In reply to: Moritz Muehlenhoff: "[oss-security] CVE requests: Typo3"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]

© Copyright 2012 Guardian Digital, Inc. All Rights Reserved.