Re: CVE-2010-3205 affects textpattern package

To: debian-security-tracker@lists.debian.org
Subject: Re: CVE-2010-3205 affects textpattern package
From: Steven Chamberlain <steven@pyro.eu.org>
Date: Mon, 20 May 2013 15:37:21 +0100
Message-id: <[🔎] 519A3521.2010303@pyro.eu.org>
In-reply-to: <[🔎] 20130520135840.GA30882@squeeze.pyro.eu.org>
References: <[🔎] 20130520135840.GA30882@squeeze.pyro.eu.org>

On 20/05/13 14:58, Steven Chamberlain wrote:
> CVE-2010-3205 in the Textpattern CMS was marked 'NOT-FOR-US', but
> there is a package of the affected version 4.2.0 in oldstable:
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3205

By the way, I can't confirm that the vulnerability assigned the CVE is
legitimate.  In fact it doesn't look to me that it could work.

Regards,
-- 
Steven Chamberlain
steven@pyro.eu.org

Reply to:

References:
- CVE-2010-3205 affects textpattern package
  - From: Steven Chamberlain <steven@pyro.eu.org>

Prev by Date: CVE-2010-3205 affects textpattern package
Next by Date: External check
Previous by thread: CVE-2010-3205 affects textpattern package
Next by thread: Re: CVE-2010-3205 affects textpattern package
Index(es):
- Date
- Thread