Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <4680B31DCCC3B6428FB4E85ED9D540D0032B29@SRVEXCH.oppida.fr>
Date: Wed, 28 Mar 2012 11:58:51 +0000
From: Luc ABRIC <luc.abric@...ida.fr>
To: "'oss-security@...ts.openwall.com'" <oss-security@...ts.openwall.com>
CC: "'kseifried@...hat.com'" <kseifried@...hat.com>,
        Karim SLAMANI
	<karim.slamani@...ida.fr>,
        Valérian PERRET
	<valerian.perret@...ida.fr>,
        Yann MICHARD <yann.michard@...ida.fr>
Subject: CVE 2012-1565 Insecure object reference

Hi,

eZ Publish published more informations about this specific issue:
http://share.ez.no/blogs/ez/security-advisory-promptly-patch-your-ez-publish-instances2

The vulnerability detailled in the CVE is the one described by EZSA-2012-001.

We also posted more details on our blog:
http://blog-oppida.blogspot.fr/2012/03/ezpublish-object-remote-full.html

Can you update the CVE description with those informations?
Do you need help with the translation effort?

I'll send a few more CVE requests for the other vulnerabilities.

Regards,
Luc ABRIC
IT Security Expert

6 avenue du Vieil Etang - Bâtiment B
78180 Montigny-le-Bretonneux
Phone: +33 (0)1 30 14 19 00
Fax:       +33 (0)1 30 14 19 09
Mobile: +33 (0)6 26 87 62 14
luc.abric@...ida.fr

www.oppida.fr

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.