Bug#336582: phpbb2 -6sarge2 ready for Security release (Was: Re: Bug#336582: phpbb2: New round of security issues)

2005-12-21 Thread Martin Schulze
Jeroen van Wolffelaar wrote:
On Tue, Dec 20, 2005 at 06:54:18AM +0100, Martin Schulze wrote:
Thijs Kinkhorst wrote:
On Mon, 2005-12-19 at 06:53 +0100, Martin Schulze wrote:
Thanks. Could somebody explain the issues that were fixed which have no security relevance? From the

Bug#336582: phpbb2 -6sarge2 ready for Security release (Was: Re: Bug#336582: phpbb2: New round of security issues)

2005-12-21 Thread Jeroen van Wolffelaar
On Wed, Dec 21, 2005 at 08:52:37PM +0100, Martin Schulze wrote:
I've added
CVE-2005-3536 Missing input sanitising of the topic type allows remote attackers to inject arbitrary SQL commands.
ack.
CVE-2005-3537 Missing request validation permitted remote attackers to edit

Bug#336582: phpbb2 -6sarge2 ready for Security release (Was: Re: Bug#336582: phpbb2: New round of security issues)

2005-12-20 Thread Jeroen van Wolffelaar
On Tue, Dec 20, 2005 at 06:54:18AM +0100, Martin Schulze wrote:
Thijs Kinkhorst wrote:
On Mon, 2005-12-19 at 06:53 +0100, Martin Schulze wrote:
Thanks. Could somebody explain the issues that were fixed which have no security relevance? From the changelog there are at least two of them.