headers
Johan Cwiklinski | 10 May 2012 21:06
Picon
Favicon

CVE-request: galette sql injection

Hello,

Versions 0.63x of galette (out-of-date but mostly used versions for now)
have an sql injection vulnerability.

Could a CVE be assigned for this vulnerability?

This issue has been reported on project's tracker:
http://redmine.ulysses.fr/issues/250

The issue has been fixed
(http://redmine.ulysses.fr/projects/galette/repository/revisions/8c13ec159ba),
a new release and an official announcment from the project will come
very soon.

Thank you!

--

-- 
Johan Cwiklinski
Permalink | Reply |
headers
Kurt Seifried | 11 May 2012 04:26
Picon
Favicon

Re: CVE-request: galette sql injection


On 05/10/2012 01:06 PM, Johan Cwiklinski wrote:
> Hello,
> 
> Versions 0.63x of galette (out-of-date but mostly used versions for
> now) have an sql injection vulnerability.
> 
> Could a CVE be assigned for this vulnerability?
> 
> This issue has been reported on project's tracker: 
> http://redmine.ulysses.fr/issues/250
> 
> The issue has been fixed 
> (http://redmine.ulysses.fr/projects/galette/repository/revisions/8c13ec159ba),
>
> 
a new release and an official announcment from the project will come
> very soon.
> 
> Thank you!

Please use CVE-2012-2338 for this issue.

--

-- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Permalink | Reply |

Gmane