From 1be510f9529cb082f802408b472a77d074b394c0 Mon Sep 17 00:00:00 2001
From: Nicolas Vigier <boklm@mageia.org>
Date: Sun, 14 Apr 2013 13:46:12 +0000
Subject: Add zarb MLs html archives

---
 zarb-ml/mageia-dev/attachments/20120409/ea181ca7/attachment-0001.html | 4 ++++
 zarb-ml/mageia-dev/attachments/20120409/ea181ca7/attachment.html      | 4 ++++
 2 files changed, 8 insertions(+)
 create mode 100644 zarb-ml/mageia-dev/attachments/20120409/ea181ca7/attachment-0001.html
 create mode 100644 zarb-ml/mageia-dev/attachments/20120409/ea181ca7/attachment.html

(limited to 'zarb-ml/mageia-dev/attachments/20120409/ea181ca7')

diff --git a/zarb-ml/mageia-dev/attachments/20120409/ea181ca7/attachment-0001.html b/zarb-ml/mageia-dev/attachments/20120409/ea181ca7/attachment-0001.html
new file mode 100644
index 000000000..e453a5760
--- /dev/null
+++ b/zarb-ml/mageia-dev/attachments/20120409/ea181ca7/attachment-0001.html
@@ -0,0 +1,4 @@
+ping?<br><br>在 2012年4月9日星期一，Funda Wang &lt;<a href="mailto:fundawang@gmail.com">fundawang@gmail.com</a>&gt; 写道：<br>&gt; ping?<br>&gt;<br>&gt; 2012/4/8 Funda Wang &lt;<a href="mailto:fundawang@gmail.com">fundawang@gmail.com</a>&gt;:<br>
+&gt;&gt; Hello,<br>&gt;&gt;<br>&gt;&gt; Could somebody pushing redmine 1.3.2 into cauldron?<br>&gt;&gt;<br>&gt;&gt; Redmine before 1.3.2 does not properly restrict the use of a hash to<br>&gt;&gt; provide values for a model&#39;s attributes, which allows remote attackers<br>
+&gt;&gt; to set attributes in the (1) Comment, (2) Document, (3) IssueCategory,<br>&gt;&gt; (4) MembersController, (5) Message, (6) News, (7) TimeEntry, (8)<br>&gt;&gt; Version, (9) Wiki, (10) UserPreference, or (11) Board model via a<br>
+&gt;&gt; modified URL, related to a &quot;mass assignment&quot; vulnerability, a<br>&gt;&gt; different vulnerability than CVE-2012-0327.<br>&gt;&gt;<br>&gt;&gt; Thanks.<br>&gt;
diff --git a/zarb-ml/mageia-dev/attachments/20120409/ea181ca7/attachment.html b/zarb-ml/mageia-dev/attachments/20120409/ea181ca7/attachment.html
new file mode 100644
index 000000000..e453a5760
--- /dev/null
+++ b/zarb-ml/mageia-dev/attachments/20120409/ea181ca7/attachment.html
@@ -0,0 +1,4 @@
+ping?<br><br>在 2012年4月9日星期一，Funda Wang &lt;<a href="mailto:fundawang@gmail.com">fundawang@gmail.com</a>&gt; 写道：<br>&gt; ping?<br>&gt;<br>&gt; 2012/4/8 Funda Wang &lt;<a href="mailto:fundawang@gmail.com">fundawang@gmail.com</a>&gt;:<br>
+&gt;&gt; Hello,<br>&gt;&gt;<br>&gt;&gt; Could somebody pushing redmine 1.3.2 into cauldron?<br>&gt;&gt;<br>&gt;&gt; Redmine before 1.3.2 does not properly restrict the use of a hash to<br>&gt;&gt; provide values for a model&#39;s attributes, which allows remote attackers<br>
+&gt;&gt; to set attributes in the (1) Comment, (2) Document, (3) IssueCategory,<br>&gt;&gt; (4) MembersController, (5) Message, (6) News, (7) TimeEntry, (8)<br>&gt;&gt; Version, (9) Wiki, (10) UserPreference, or (11) Board model via a<br>
+&gt;&gt; modified URL, related to a &quot;mass assignment&quot; vulnerability, a<br>&gt;&gt; different vulnerability than CVE-2012-0327.<br>&gt;&gt;<br>&gt;&gt; Thanks.<br>&gt;
-- 
cgit v1.2.1