Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sun, 12 Jun 2011 12:20:06 -0300
From: Felipe Pena <felipensp@...il.com>
To: oss-security@...ts.openwall.com
Subject: CVE Request: PHP File upload filename

Hi,
Please assign a CVE id for "File path injection vulnerability in RFC1867
File upload filename" [1].

The fix for the bug has been already committed. [2]

Reported by: Krzysztof Kotowicz <kkotowicz at gmail dot com>


[1] - http://bugs.php.net/bug.php?id=54939
[2] - http://svn.php.net/viewvc?view=revision&revision=312103

Thanks.

-- 
Regards,
Felipe Pena

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ