summaryrefslogtreecommitdiffstats
path: root/zarb-ml/mageia-dev/attachments/20120409
diff options
context:
space:
mode:
Diffstat (limited to 'zarb-ml/mageia-dev/attachments/20120409')
-rw-r--r--zarb-ml/mageia-dev/attachments/20120409/ea181ca7/attachment-0001.html4
-rw-r--r--zarb-ml/mageia-dev/attachments/20120409/ea181ca7/attachment.html4
-rw-r--r--zarb-ml/mageia-dev/attachments/20120409/fb9bb795/attachment-0001.asc17
-rw-r--r--zarb-ml/mageia-dev/attachments/20120409/fb9bb795/attachment.asc17
4 files changed, 42 insertions, 0 deletions
diff --git a/zarb-ml/mageia-dev/attachments/20120409/ea181ca7/attachment-0001.html b/zarb-ml/mageia-dev/attachments/20120409/ea181ca7/attachment-0001.html
new file mode 100644
index 000000000..e453a5760
--- /dev/null
+++ b/zarb-ml/mageia-dev/attachments/20120409/ea181ca7/attachment-0001.html
@@ -0,0 +1,4 @@
+ping?<br><br>在 2012年4月9日星期一,Funda Wang &lt;<a href="mailto:fundawang@gmail.com">fundawang@gmail.com</a>&gt; 写道:<br>&gt; ping?<br>&gt;<br>&gt; 2012/4/8 Funda Wang &lt;<a href="mailto:fundawang@gmail.com">fundawang@gmail.com</a>&gt;:<br>
+&gt;&gt; Hello,<br>&gt;&gt;<br>&gt;&gt; Could somebody pushing redmine 1.3.2 into cauldron?<br>&gt;&gt;<br>&gt;&gt; Redmine before 1.3.2 does not properly restrict the use of a hash to<br>&gt;&gt; provide values for a model&#39;s attributes, which allows remote attackers<br>
+&gt;&gt; to set attributes in the (1) Comment, (2) Document, (3) IssueCategory,<br>&gt;&gt; (4) MembersController, (5) Message, (6) News, (7) TimeEntry, (8)<br>&gt;&gt; Version, (9) Wiki, (10) UserPreference, or (11) Board model via a<br>
+&gt;&gt; modified URL, related to a &quot;mass assignment&quot; vulnerability, a<br>&gt;&gt; different vulnerability than CVE-2012-0327.<br>&gt;&gt;<br>&gt;&gt; Thanks.<br>&gt;
diff --git a/zarb-ml/mageia-dev/attachments/20120409/ea181ca7/attachment.html b/zarb-ml/mageia-dev/attachments/20120409/ea181ca7/attachment.html
new file mode 100644
index 000000000..e453a5760
--- /dev/null
+++ b/zarb-ml/mageia-dev/attachments/20120409/ea181ca7/attachment.html
@@ -0,0 +1,4 @@
+ping?<br><br>在 2012年4月9日星期一,Funda Wang &lt;<a href="mailto:fundawang@gmail.com">fundawang@gmail.com</a>&gt; 写道:<br>&gt; ping?<br>&gt;<br>&gt; 2012/4/8 Funda Wang &lt;<a href="mailto:fundawang@gmail.com">fundawang@gmail.com</a>&gt;:<br>
+&gt;&gt; Hello,<br>&gt;&gt;<br>&gt;&gt; Could somebody pushing redmine 1.3.2 into cauldron?<br>&gt;&gt;<br>&gt;&gt; Redmine before 1.3.2 does not properly restrict the use of a hash to<br>&gt;&gt; provide values for a model&#39;s attributes, which allows remote attackers<br>
+&gt;&gt; to set attributes in the (1) Comment, (2) Document, (3) IssueCategory,<br>&gt;&gt; (4) MembersController, (5) Message, (6) News, (7) TimeEntry, (8)<br>&gt;&gt; Version, (9) Wiki, (10) UserPreference, or (11) Board model via a<br>
+&gt;&gt; modified URL, related to a &quot;mass assignment&quot; vulnerability, a<br>&gt;&gt; different vulnerability than CVE-2012-0327.<br>&gt;&gt;<br>&gt;&gt; Thanks.<br>&gt;
diff --git a/zarb-ml/mageia-dev/attachments/20120409/fb9bb795/attachment-0001.asc b/zarb-ml/mageia-dev/attachments/20120409/fb9bb795/attachment-0001.asc
new file mode 100644
index 000000000..048134b9e
--- /dev/null
+++ b/zarb-ml/mageia-dev/attachments/20120409/fb9bb795/attachment-0001.asc
@@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.11 (GNU/Linux)
+
+iQIcBAEBAgAGBQJPgrN1AAoJEOsuQJrxVIpnmhMP/3Rz3k8obdlzMuEfWw6oWl1f
+LL9Fb5uD1ZIyPEeKOVHpcKjMmazfSqVitgGJR2prjCvTOri2eFII9iV8CvdSzm9b
+IgkiCJZ3CnvNINHkZTo0volWxpoKxDcQnEOSatfhYH6BfGFXgBcpm6e6UWLc8gez
+oYaPbGNSZ3IB3rNW32taeyGDsZ5vaXjOymz/KEwOsDuXHez+eUi5sfAav+ZusloO
+b6FRGSTmpTreevSF6F1aCucjPS0mAJSOn0q8+4WR6RYDqU3rvX8hpzfPWOkemAsH
+ec3+kh6+eoDsfFzc6nCH2yRndzQD4AVeBR8cQzcaGpxtqU1S01V52pcVtP8Xp9vs
+cIo/WtLXfSdIq0i7fhRxY2wtSpKDSDsbNo3c1kz+r6nOsZSTC3sdE9TPY58A0Rhm
+pX5I26h3ZFNH6l3kFO1l7V8mhtyFn/uqUD3pgCYs9tKms+AiIUSqToiamxTWEAl1
+tt+eWjpcqAld9pREBpyVzAkMQGl65io+aJuIjcNvj3dYHkVKDdg5b/bXg1DuqhRZ
+v9d3zghJ/P7jPKv+ISPLlD4wO2eKcTeqY6mL1f1jIHl0+p8y42FDYFUZjQi7Zb/b
+By17FyrzSMaMTBzzk6VY3M55LBmV1FIsHB7SjvEfL+29ToQMhh3j6AsQc12ZxmEc
+mH8TKnqZaedEgU4aP3Cz
+=6AlU
+-----END PGP SIGNATURE-----
diff --git a/zarb-ml/mageia-dev/attachments/20120409/fb9bb795/attachment.asc b/zarb-ml/mageia-dev/attachments/20120409/fb9bb795/attachment.asc
new file mode 100644
index 000000000..048134b9e
--- /dev/null
+++ b/zarb-ml/mageia-dev/attachments/20120409/fb9bb795/attachment.asc
@@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.11 (GNU/Linux)
+
+iQIcBAEBAgAGBQJPgrN1AAoJEOsuQJrxVIpnmhMP/3Rz3k8obdlzMuEfWw6oWl1f
+LL9Fb5uD1ZIyPEeKOVHpcKjMmazfSqVitgGJR2prjCvTOri2eFII9iV8CvdSzm9b
+IgkiCJZ3CnvNINHkZTo0volWxpoKxDcQnEOSatfhYH6BfGFXgBcpm6e6UWLc8gez
+oYaPbGNSZ3IB3rNW32taeyGDsZ5vaXjOymz/KEwOsDuXHez+eUi5sfAav+ZusloO
+b6FRGSTmpTreevSF6F1aCucjPS0mAJSOn0q8+4WR6RYDqU3rvX8hpzfPWOkemAsH
+ec3+kh6+eoDsfFzc6nCH2yRndzQD4AVeBR8cQzcaGpxtqU1S01V52pcVtP8Xp9vs
+cIo/WtLXfSdIq0i7fhRxY2wtSpKDSDsbNo3c1kz+r6nOsZSTC3sdE9TPY58A0Rhm
+pX5I26h3ZFNH6l3kFO1l7V8mhtyFn/uqUD3pgCYs9tKms+AiIUSqToiamxTWEAl1
+tt+eWjpcqAld9pREBpyVzAkMQGl65io+aJuIjcNvj3dYHkVKDdg5b/bXg1DuqhRZ
+v9d3zghJ/P7jPKv+ISPLlD4wO2eKcTeqY6mL1f1jIHl0+p8y42FDYFUZjQi7Zb/b
+By17FyrzSMaMTBzzk6VY3M55LBmV1FIsHB7SjvEfL+29ToQMhh3j6AsQc12ZxmEc
+mH8TKnqZaedEgU4aP3Cz
+=6AlU
+-----END PGP SIGNATURE-----
generated by cgit v1.2.1 (git 2.21.0) at 2025-03-14 10:53:35 +0000