Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: CVE request: plone privilege escalation flaw
From: Josh Bressers <bressers () redhat com>
Date: Tue, 12 Jul 2011 14:30:11 -0400 (EDT)

Please use CVE-2011-2528.

Thanks.

-- 
    JB

----- Original Message -----
Looks like the previous fix for Plone/Zope (CVE-2011-0720) caused a
new
privilege escalation flaw in Plone 3.x and 4.x.

Could a CVE be assigned?

References:
https://bugzilla.redhat.com/show_bug.cgi?id=718824
http://plone.org/products/plone/security/advisories/20110622
http://plone.org/products/plone-hotfix/releases/20110622
http://secunia.com/advisories/45111

Thanks.

--
Vincent Danen / Red Hat Security Response Team


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]