[pkg-mt-om-devel] Bug#697666: CVE request for Movable Type
Yves-Alexis Perez
corsac at debian.org
Mon Jan 21 20:48:46 UTC 2013
Hi,
Movable Type 4.38 has been released few weeks ago, fixing a security
issue in the upgrade page.
More information can be found at [1] but basically it looks like missing
input sanitation on the mt-upgrade.cgi page.
As far as I can tell, no CVE has been allocated yet, could someone
allocate one?
Regards,
[1]: http://www.movabletype.org/2013/01/movable_type_438_patch.html
--
Yves-Alexis
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/pkg-mt-om-devel/attachments/20130121/004cc537/attachment.pgp>
More information about the pkg-mt-om-devel
mailing list