[Spip-maintainers] Bug#671264: [rt.debian.org #3807] Bug#671264: [CVE-2012-2151] spip: multiple XSS
David Prévot
david at tilapin.org
Wed May 2 23:58:37 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
forcemerge 670110 671264
thanks
Hi Luciano
Le 02/05/2012 15:57, Luciano Bello a écrit :
> The following vulnerability has been reported against spip:
> http://www.openwall.com/lists/oss-security/2012/05/01/4
>
> Please use CVE-2012-2151 for this issue.
Thanks, this has already been fixed by DSA-2461-1 in 2.1.1-3squeeze3
(and 2.1.13-1 in Sid), but we were not aware of a CVE at that time.
Can the CVE information be added to the security tracker?
Regards
David
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBCAAGBQJPocotAAoJELgqIXr9/gnyl8sP/joPO9RtSoDqjD983mtm12sd
ZTiVJlEcz+DbenICZY2VM3dOOnw+eSrUKJ37W61SK08U2stUI/94nhXoQeYRKC+P
+zpnKyMdzd1/L6bjXSN5Pziv1p7eV4C0/A81kxlgNQohSbDBaKhzlyT/8hMVC59J
+4Jz1xPTvcJhwuDQH7pM2OBdn9Z92fRu4BFmknlGog1ZQIphnNqYOYhSzp2NENsS
DlgUhjoW5Dld1Iosc7SdN8Bu1vIFnvY3dEGFnczcHmXdrMUh3pYJVq1rlbsXxvW/
nims5OXBJqH0FMwb5pS9DgPkuaAGGxP8KsxFGaK8C1dDvha7fFT13eZzT23wwvP5
EupTvRQb3fgr/RJGbvFjloq4jpDlQl9qJfbpriMcLGjLqeRQRe5wIAVTSSYEJ0HZ
9fcenhzvAWafJRaOwbZ5OJceiJLkGyznQyz3lMoA/20Zf1zdtf57YHIVYuCYbV7L
ABgWG7gXpu33XWpwqhGp4IgVHRVb+/IDdV6TSKbykihnmeTUUzVVgQkw4fEVCgmH
I9Xvpxx6K0dBRkeWrArOB8XdsPwU6Caorhi0gEwwV02e0pv9en9HbEEG7L9tpkIb
fKy9MGBSCn7pXUgZM/1uK9ibedLR3BYcZRRzBWn8Dw1uLxqJkXAD1o2hVNzOFTpS
i1cyvYnJgmaS6OMPFoWj
=wyjP
-----END PGP SIGNATURE-----
More information about the Spip-maintainers
mailing list