|
Message-Id: <200902061409.34043.hanno@hboeck.de>
Date: Fri, 6 Feb 2009 14:09:33 +0100
From: Hanno Böck <hanno@...eck.de>
To: oss-security@...ts.openwall.com
Cc: Steven Christey <coley@...us.mitre.org>
Subject: CVE request: phpbb < 3.0.4
From release notes:
"This release fixes some bugs introduced with the changes in 3.0.3, corrects
minor issues, fixes two security bugs and also increases performance
significantly."
"# [Sec] Fixed an issue where deactivated accounts could be re-activated
without the required privileges. (Reported by Jorick)
# [Sec] Ask for forum password if post within passworded forum quoted in
private message. (Reported by nickvergessen)"
--
Hanno Böck Blog: http://www.hboeck.de/
GPG: 3DBD3B20 Jabber/Mail: hanno@...eck.de
Download attachment "signature.asc " of type "application/pgp-signature" (198 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.