|
Message-ID: <5046C1EF.9030301@redhat.com> Date: Tue, 04 Sep 2012 21:07:27 -0600 From: Kurt Seifried <kseifried@...hat.com> To: oss-security@...ts.openwall.com CC: Raphael Geissert <geissert@...ian.org> Subject: Re: CVE request: moinmoin incorrect ACL evaluation for virtual groups -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 09/04/2012 05:44 PM, Raphael Geissert wrote: > Hi, > > An issue has been discovered in the way MoinMoin evaluates ACLs and > virtual groups. The full description and fix is available at: > http://hg.moinmo.in/moin/1.9/rev/7b9f39289e16 > > Could a CVE id be assigned please? > > Additional reference: http://moinmo.in/SecurityFixes > > Cheers, Please use CVE-2012-4404 for this issue. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iQIcBAEBAgAGBQJQRsHvAAoJEBYNRVNeJnmTLdkP/1uxV4FWbihvZUcfpdTpaGTs GJcjfNrox49WJeAw9+vQ/Ijyhboege4WXQotOf4u940bOmXKlTbrwJLfmeRt1Rjx ZyemGP+J4f7EgF1Cq+xZ8y5r8+pZgv2h+zACx4cvKjHsv19maDwRgQmA5PG8ztDQ KY6hyaEvpyM2BQlxOp5/8ImyCfHXxjj4UynwntmDJ11HNH9Orye3jV1aysIrokZe XUMMVa8glkQnw+3AvcMjEv7ZoykdPzlFkR4IcYDubL+cCeSAGxxLJQdcCKU5jPgQ +qxZTqYo6NPLHEr3OLUWI9S5TpYI7Pl+iARiTKZN27YnSDarsgTyqWsuIpkRSF+M ixkZoxiW1QdK+4PwlRPbBMcYpzvjIWVEwKq4WNeNu0WdeQQUEV0Q3ydjAG3pSa9w dQXxhQkmmnSoA990rKZ3kON7iF510b+1Io/v4aDlRS6EIz4AVuatzOUKpiPjb3wl 7bimHScnytXVcbzJT8u8wxzAK6ymGIin598mbQbIyPusXVTWdbZiFlLCihSKxOf9 iTv2Bwg3kajZii8/iTX+eCwTxs62FMYGpee/DOrARHLalnWkGd6djmUwvaduVUTt ZTzmGq6FjOL7JDpHPtrWtaKTD+nRl+B7RWkWTJV7zmWSNBS7q6lUvvIIiXYieACS +3DkLgMjtYDlFDIzPLWk =iQVh -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.