From 1be510f9529cb082f802408b472a77d074b394c0 Mon Sep 17 00:00:00 2001
From: Nicolas Vigier <boklm@mageia.org>
Date: Sun, 14 Apr 2013 13:46:12 +0000
Subject: Add zarb MLs html archives

---
 zarb-ml/mageia-dev/2012-April/014010.html | 100 ++++++++++++++++++++++++++++++
 1 file changed, 100 insertions(+)
 create mode 100644 zarb-ml/mageia-dev/2012-April/014010.html

(limited to 'zarb-ml/mageia-dev/2012-April/014010.html')

diff --git a/zarb-ml/mageia-dev/2012-April/014010.html b/zarb-ml/mageia-dev/2012-April/014010.html
new file mode 100644
index 000000000..868bf6f77
--- /dev/null
+++ b/zarb-ml/mageia-dev/2012-April/014010.html
@@ -0,0 +1,100 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
+<HTML>
+ <HEAD>
+   <TITLE> [Mageia-dev] Freeze push: redmine 1.3.2
+   </TITLE>
+   <LINK REL="Index" HREF="index.html" >
+   <LINK REL="made" HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20Freeze%20push%3A%20redmine%201.3.2&In-Reply-To=%3CCAOfq2QSwQJ%3DcqAZvxP%3Dm_iTzbVHBkGYYHL%3D3eT5dN7RiN0j5%3DA%40mail.gmail.com%3E">
+   <META NAME="robots" CONTENT="index,nofollow">
+   <META http-equiv="Content-Type" content="text/html; charset=us-ascii">
+   <LINK REL="Previous"  HREF="014009.html">
+   <LINK REL="Next"  HREF="014037.html">
+ </HEAD>
+ <BODY BGCOLOR="#ffffff">
+   <H1>[Mageia-dev] Freeze push: redmine 1.3.2</H1>
+    <B>Funda Wang</B> 
+    <A HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20Freeze%20push%3A%20redmine%201.3.2&In-Reply-To=%3CCAOfq2QSwQJ%3DcqAZvxP%3Dm_iTzbVHBkGYYHL%3D3eT5dN7RiN0j5%3DA%40mail.gmail.com%3E"
+       TITLE="[Mageia-dev] Freeze push: redmine 1.3.2">fundawang at gmail.com
+       </A><BR>
+    <I>Sun Apr  8 08:38:41 CEST 2012</I>
+    <P><UL>
+        <LI>Previous message: <A HREF="014009.html">[Mageia-dev] Freeze push: drakx-installer-rescue
+</A></li>
+        <LI>Next message: <A HREF="014037.html">[Mageia-dev] Freeze push: redmine 1.3.2
+</A></li>
+         <LI> <B>Messages sorted by:</B> 
+              <a href="date.html#14010">[ date ]</a>
+              <a href="thread.html#14010">[ thread ]</a>
+              <a href="subject.html#14010">[ subject ]</a>
+              <a href="author.html#14010">[ author ]</a>
+         </LI>
+       </UL>
+    <HR>  
+<!--beginarticle-->
+<PRE>Hello,
+
+Could somebody pushing redmine 1.3.2 into cauldron?
+
+Redmine before 1.3.2 does not properly restrict the use of a hash to
+provide values for a model's attributes, which allows remote attackers
+to set attributes in the (1) Comment, (2) Document, (3) IssueCategory,
+(4) MembersController, (5) Message, (6) News, (7) TimeEntry, (8)
+Version, (9) Wiki, (10) UserPreference, or (11) Board model via a
+modified URL, related to a &quot;mass assignment&quot; vulnerability, a
+different vulnerability than CVE-2012-0327.
+
+Thanks.
+</PRE>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+<!--endarticle-->
+    <HR>
+    <P><UL>
+        <!--threads-->
+	<LI>Previous message: <A HREF="014009.html">[Mageia-dev] Freeze push: drakx-installer-rescue
+</A></li>
+	<LI>Next message: <A HREF="014037.html">[Mageia-dev] Freeze push: redmine 1.3.2
+</A></li>
+         <LI> <B>Messages sorted by:</B> 
+              <a href="date.html#14010">[ date ]</a>
+              <a href="thread.html#14010">[ thread ]</a>
+              <a href="subject.html#14010">[ subject ]</a>
+              <a href="author.html#14010">[ author ]</a>
+         </LI>
+       </UL>
+
+<hr>
+<a href="https://www.mageia.org/mailman/listinfo/mageia-dev">More information about the Mageia-dev
+mailing list</a><br>
+</body></html>
-- 
cgit v1.2.1