| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20141018093405.GF1105@kludge.henri.nerv.fi> Date: Sat, 18 Oct 2014 12:34:05 +0300 From: Henri Salo <henri@...v.fi> To: sourav.infosec@...il.com Cc: bugtraq@...urityfocus.com Subject: Re: LiveZilla 5.3.0.7 Security Issue -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, Oct 14, 2014 at 04:28:27PM +0000, sourav.infosec@...il.com wrote: > I had reported few xss issues on LiveZilla 5.3.0.7 . They fixed it properly and informed me. Now latest build is 5.3.0.8 / 2014-09-25. > > http://changelog.livezilla.net/ > > Can you help me regarding CVE. I can send you the vulnerability details. CVE OpenSource Request HOWTO can be located at: http://people.redhat.com/kseifrie/CVE-OpenSource-Request-HOWTO.html As "Live!Zilla" product is open-source you can request CVE in public oss-security mailing list: http://oss-security.openwall.org/wiki/ http://www.openwall.com/lists/oss-security/ You should include following details to your request if available: - - Software and vendor name - - Type of vulnerability - - Link to vulnerable source code or fix - - Link to source code change log - - Link to security advisory - - Link to bug entry - - Affected versions - - Fixed in versions - - Proof of concept code/exploit I am more than happy to help you off-list or create the request with you. - --- Henri Salo -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlRCNA0ACgkQXf6hBi6kbk/dywCgwMa7m0hu/rUgBGOvs8QFOcnv MGgAoJzWiIb9gTcNNqs1WbhvJa3bPskQ =r3Pj -----END PGP SIGNATURE-----
Powered by blists - more mailing lists