oss-security December 2011 archive
Main Archive Page > Month Archives  > oss-security archives
oss-security: Re: [oss-security] CVE request: simplesamlphp / Ty

Re: [oss-security] CVE request: simplesamlphp / Typo3

From: Moritz Mühlenhoff <jmm_at_nospam>
Date: Fri Dec 23 2011 - 21:58:08 GMT
To: Kurt Seifried <kseifried@redhat.com>

On Fri, Dec 23, 2011 at 01:45:25PM -0700, Kurt Seifried wrote:
> On 12/23/2011 01:20 PM, Moritz Muehlenhoff wrote:
> >Hi,
> >
> >1. Please assign a CVE ID for this issue in simplesamlphp we fixed in a DSA
> >a while ago:
> >http://lists.debian.org/debian-security-announce/2011/msg00206.html
> Please use CVE-2011-4625 for this issue

Thanks.
 
> >2. Please assign a CVE ID for these issues in Typo3 we fixed in a DSA
> >a while ago:
> >http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2011-001/
> >http://lists.debian.org/debian-security-announce/2011/msg00163.html
>
> Argh. This one will have to wait since 1) I need to assign CVE's for
> ALL the typo3 issues for 2011

AFAICS all the other Typo3 issues from 2011 have IDs assiged:
TYPO3-CORE-SA-2011-004: CVE-2011-4614
TYPO3-CORE-SA-2011-003: CVE-2011-3584
TYPO3-CORE-SA-2011-002: CVE-2011-3583

Cheers,
       Moritz