oss-security September 2011 archive
Main Archive Page > Month Archives  > oss-security archives
oss-security: Re: [oss-security] CVE requests: Typo3

Re: [oss-security] CVE requests: Typo3

From: Josh Bressers <bressers_at_nospam>
Date: Fri Sep 30 2011 - 14:58:42 GMT
To: oss-security@lists.openwall.com

----- Original Message -----
> Hi,
> please assign CVE IDs for two new Typo3 issues:
>
> 1. TYPO3-CORE-SA-2011-002: Potential SQL injection vulnerability in TYPO3
> Core
> http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-002/
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=641682

Use CVE-2011-3583 for this.

>
> 2. TYPO3-CORE-SA-2011-003: Improper error handling could lead to cache
> flooding in TYPO3 Core
> http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-003/
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=641683
>

Use CVE-2011-3584 for this.

Thanks.

-- JB