oss-sec mailing list archives
RE: CVE Requests for Drupal contributed modules (from SA-CONTRIB-2015-132 to SA-CONTRIB-2015-156)
From: "Evans, Jonathan L." <jevans () mitre org>
Date: Mon, 26 Oct 2015 11:38:10 +0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
SA-CONTRIB-2015-138 - Compass Rose - Cross Site Scripting (XSS) https://www.drupal.org/node/2546174
The vulnerability is in the Compass Rose module, not in the jQueryRotate library.
Use CVE-2015-7980. - - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJWLhBbAAoJEL54rhJi8gl58MEP/2OVdZyo0jvNbb8K/daB2y1C JW4IUxB0zQRNYVfL6pSgl/sJWK2mHtLL2jq6baFafKevcLN76RsaUhNnG+uzvSSr hl4ribHA8JKRC4Fs/nJ6EUduRXHBwwGelIlopawAqANhqaXoSHlaqeEiRpGogdEn w7AyBvCFX3W/sCBIawA58NroNbUqosF3/gZW6RBSiTByAoeXpxt7y0AlbhczNXTJ kbc+17dWAWDSnLntSAVfhITeS6FyXSjWMMDDeunbE+4s4UnLBOMNGz7LcnXvMX4s bQQ5aF9pOsg4UxjVJlhUOAF8v2B43TKUKNY2QE5yipf3UDB/8I3VMFKstUTcKb1a wS5F/2oQp87fr1nvu37PDeyWMFooX0smpMxBxrjY9CheQzlA1cA5v67SmczA082K 1H4KYMDkK+AIQ26AeymlBph13kiQTQ73WUfqe6Gi9XDk04cexz0HZAiDqPvUp3q9 amwsrMmhRvi6yUthYG2ZeHFSSszUK1QcOJM/xMETGKGUtObFzMebS5WUFMe887lu Z0tbTNDrd4CMiKvU3ipN0t7xfuy3QVwATKM+actyb3sIfrXJkvll7MBI7i81dOgq M1pYabYssWRzIjJvVg5GvAQrdsegoMCJ29V6Ju4lbbvn72SYLfY+m8OvCFXIreHm HYpQbV88rGHOa5WG6Kob =b2WS -----END PGP SIGNATURE-----
Current thread:
- CVE Requests for Drupal contributed modules (from SA-CONTRIB-2015-132 to SA-CONTRIB-2015-156) Pere Orga (Oct 14)
- <Possible follow-ups>
- Re: CVE Requests for Drupal contributed modules (from SA-CONTRIB-2015-132 to SA-CONTRIB-2015-156) Evans, Jonathan L. (Oct 21)
- Re: CVE Requests for Drupal contributed modules (from SA-CONTRIB-2015-132 to SA-CONTRIB-2015-156) Pere Orga (Oct 24)
- CVE Requests for read out of bound in libpng xiaoqixue_1 (Oct 25)
- Re: CVE Requests for read out of bound in libpng cve-assign (Oct 26)
- RE: CVE Requests for Drupal contributed modules (from SA-CONTRIB-2015-132 to SA-CONTRIB-2015-156) Evans, Jonathan L. (Oct 26)
- Re: CVE Requests for Drupal contributed modules (from SA-CONTRIB-2015-132 to SA-CONTRIB-2015-156) Pere Orga (Oct 24)