Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: CVE-request: Joomla core information disclosure 1.7.1
From: Henri Salo <henri () nerv fi>
Date: Fri, 2 Mar 2012 08:58:27 +0200

On Thu, Mar 01, 2012 at 10:14:40PM -0700, Kurt Seifried wrote:
On 03/01/2012 02:07 PM, Henri Salo wrote:
Hello,

It seems that this issue does not yet have CVE-identifier.

http://developer.joomla.org/security/news/371-20111002-core-information-disclosure.html

I can't never be sure with Joomla so maybe someone wants to verify this before assigment.

- Henri Salo

Looks like you asked for one for 20111001
(http://seclists.org/oss-sec/2011/q4/89) but I can't find a request for
20111002 anywhere.

For Joomla! core information disclosure 20111002 please use CVE-2011-4937.

-- 
Kurt Seifried Red Hat Security Response Team (SRT)

http://seclists.org/oss-sec/2012/q1/524 so the CVE seems to be CVE-2011-3629. Sorry again for the hassle. I think 
CVE-2011-4937 is now duplicate. How do we get Joomla's security personnel to request CVE-identifiers by themselves and 
add them to advisories? They do belong to oCERT.

- Henri Salo
ps. SORRY :)


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault