Summary: | <www-apps/phpBB-3.0.7_p1: Multiple vulnerabilites (CVE-2010-{1627,1630}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Stefan Behte (RETIRED) <craig> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | trivial | CC: | steffen, web-apps |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.phpbb.com/community/viewtopic.php?f=14&t=2014195 | ||
Whiteboard: | ~4 [noglsa] | ||
Package list: | Runtime testing required: | --- |
Description
Stefan Behte (RETIRED)
2010-05-21 22:44:49 UTC
CVE-2010-1630 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1630): Unspecified vulnerability in posting.php in phpBB before 3.0.5 has unknown impact and attack vectors related to the use of a "forum id" in circumstances related to a "global announcement." You can find updated ebuilds in bug #272311 +*phpBB-3.0.7_p1 (21 Aug 2010) + + 21 Aug 2010; Alex Legler <a3li@gentoo.org> -phpBB-3.0.4.ebuild, + +phpBB-3.0.7_p1.ebuild: + Non-maintainer commit: Version bump for security bug 320977. Also closes + bump request 272311, thanks to all the people there who submitted ebuilds. + Removing vulnerable ebuild. + Closing noglsa. |