|
Message-ID: <4FADFEEF.1070506@redhat.com> Date: Sat, 12 May 2012 00:10:55 -0600 From: Kurt Seifried <kseifried@...hat.com> To: oss-security@...ts.openwall.com CC: Moritz Muehlenhoff <jmm@...ian.org>, Henri Salo <henri@...v.fi>, cve-assign@...re.org Subject: Re: CVE-request: TYPO3 TYPO3-SA-2010-022 still without CVE -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > But these are from 2010, they should not have 2012-* IDs? > > Cheers, Moritz Correct. CVE-2012-2342 **REJECT** wrong year CVE-2012-2343 **REJECT** wrong year CVE-2012-2344 **REJECT** wrong year CVE-2012-2345 **REJECT** wrong year CVE-2012-2346 **REJECT** wrong year CVE-2012-2347 **REJECT** wrong year CVE-2012-2348 **REJECT** wrong year CVE-2012-2349 **REJECT** wrong year CVE-2010-5097 TYPO3-SA-2010-022 #1 frontend click enlarge XSS CVE-2010-5098 TYPO3-SA-2010-022 #1 frontend form content object XSS CVE-2010-5099 TYPO3-SA-2010-022 #2 PHP file inclusion protection API CVE-2010-5100 TYPO3-SA-2010-022 #3 Install Tool XSS CVE-2010-5101 TYPO3-SA-2010-022 #4 Backend Remote File Disclosure CVE-2010-5102 TYPO3-SA-2010-022 #4 Backend Path Traversal CVE-2010-5103 TYPO3-SA-2010-022 #4 Backend SQL Injection CVE-2010-5104 TYPO3-SA-2010-022 #5 Database API info disclosure My apologies. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJPrf7vAAoJEBYNRVNeJnmTcu0QAIN2ZFU2LvAQAt6+fwS5WBVw ak2cuMPoTj9Wtq8QWXMxChm0CKZGCgKSw4REHhsiTfU6lwuKSzeLv+WkKt4rC7CL tVycQiQtOcKcs1N+IWzABP28hpZvI14+LTbnECRVviSa/0ncYN4hny75Inw0XMNd QWjI3VN6oMblmdPDpN748f0v+QB/z/sj/TfSXcs0ZvcjaNdrzMGNinXY5AhHJRAN NOuletborCBOOqmFnzK79WmGN1/cCRR4/mGol0kEddTFA6svoHP8ywp5sU3G48WD JaRLwJiqzSV96gQs+XTBYheLlRwAkZLp9KGkdQPL893yWgXCbhPQBs8fFHll9GF3 HGwlkqtc0PEXso7ilKvvG3UN0OHoML6U2TCDrZzRzZIQa8pA85oW9Vib632hRHTz JpFEix/uGWYTmWud2qELTwS2w3QTxP1z4PMU8nf0wCvzcvOXUNhERMKnZzzHwQSA 6K+lzhJKBQ9sXebHHJevrMo8U5cXHSg3AUP16nnbJmPh+8JYEpgGW8E1BlTLr+ny wuxgjhdFJN/kSGUw1glgZoJ09FMKVyPiyiNm9bnLwo1XHuh0AJS9HiwhJ9hc3m5B vFOvEQDgKTlRhUj78WuQVpNYm0ofqfLp7+EWxrB2SGidVpDDPDnC8X0lYXklPXDH TY86G7v8FcENxtg1kTmH =a0ip -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.