[Bug 1614841] Re: CSRF protection needs to be extended to the user options page
Matthias Andree
1614841 at bugs.launchpad.net
Mon Sep 5 03:10:23 EDT 2016
Re Comment #3 it appears this has triggered a new CVE-2016-7123 to be
issued just based on this one line that Mark Sapiro wrote with no other
confirmation than this launchpad bug #1614841, but I wonder if the
latter CVE (CVE-2016-7123) is a duplicate of the old CVE-2011-0707, or a
new separate issue. Haven't been able to find relevant information so
far, and people are also wondering and reporting this elsewhere.
<https://www.cvedetails.com/cve/CVE-2011-0707/>
Related: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=212378 <-
requesting FreeBSD to list CVE-2016-7123 as a new bug (note that FreeBSD
already marked CVE-2016-6893 which covers a wider span of versions).
** Bug watch added: bugs.freebsd.org/bugzilla/ #212378
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=212378
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-0707
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-7123
--
You received this bug notification because you are a member of Mailman
Coders, which is subscribed to GNU Mailman.
https://bugs.launchpad.net/bugs/1614841
Title:
CSRF protection needs to be extended to the user options page
To manage notifications about this bug go to:
https://bugs.launchpad.net/mailman/+bug/1614841/+subscriptions
More information about the Mailman-coders
mailing list