Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CABbbngC6gO1ry3Biad2qsWwmaTyjnh82oG72ptMKaPkw9m+65g@mail.gmail.com>
Date: Sun, 17 Nov 2013 21:34:23 -0800
From: Forest Monsen <forest.monsen@...il.com>
To: "oss-security@...ts.openwall.com" <oss-security@...ts.openwall.com>
Cc: Kurt Seifried <kseifried@...hat.com>
Subject: CVE request for Drupal contributed modules

Hi there, I'd like to request CVEs for:

SA-CONTRIB-2013-087 - Payment for Webform - Access Bypass
https://drupal.org/node/2129373

SA-CONTRIB-2013-088 - Secure Pages - Missing Encryption of Sensitive Data
https://drupal.org/node/2129381

SA-CONTRIB-2013-089 - Node Access Keys - Access Bypass
https://drupal.org/node/2129379

SA-CONTRIB-2013-090 - Revisioning - Access Bypass
https://drupal.org/node/2135257

SA-CONTRIB-2013-091 - Groups, Communities and Co (GCC) - Access Bypass
https://drupal.org/node/2135267

SA-CONTRIB-2013-092 - Misery - Denial of Service (DOS) vulnerability
https://drupal.org/node/2135273
(Says multiple, but it seems to me this is really just a single DoS vuln.)

Thanks Kurt.

Best,
Forest

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.