|
Message-ID: <1212107829.27653.1302550973039.JavaMail.root@zmail01.collab.prod.int.phx2.redhat.com> Date: Mon, 11 Apr 2011 15:42:53 -0400 (EDT) From: Josh Bressers <bressers@...hat.com> To: oss-security@...ts.openwall.com Cc: coley <coley@...re.org> Subject: Re: CVE requests : Liferay 6.0.6 ----- Original Message ----- > Sorry for the delay, this one was bigger than a breadbox so I needed > to > find a block of time to handle it. > > ----- Original Message ----- > > Hello, > > > > version 6.0.6 of Liferay correct 3 security vulnerabilities related > > to > > the processing of XSLT content and 2 XSS. > > > > The full 6.0.6 Changelog : > > http://issues.liferay.com/secure/ReleaseNote.jspa?version=10656&styleName=Html&projectId=10952 > > > > Remote command execution : > > http://issues.liferay.com/browse/LPS-14726 > > Use CVE-2011-1501 > Due to an error on my part, CVE-2011-1501 is a dupe. Please use CVE-2011-1571 for the above issue instead. Steve, can MITRE mark CVE-2011-1501 as not used. Thanks. -- JB
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.