On Sun, Jul 8, 2012 at 12:00 PM, Eitan Adler <[email protected]> wrote: > eadler 2012-07-08 19:00:08 UTC > > FreeBSD ports repository > > Modified files: > security/vuxml vuln.xml > Log: > openx reported a new security issue but does not provide any details: > inform users of this.
I don't think it's right to assign same identifier to different issues. For 2.8.9 I think it was: http://www.infosecstuff.com/openx-releases-patch-for-csrf-vulnerability/ And for 2.8.8 it was: http://secunia.com/advisories/48275/ It seems that OpenX does not release any information about the vulnerability which is a bad practice in my opinion by the way. Cheers, -- Xin LI <[email protected]> https://www.delphij.net/ FreeBSD - The Power to Serve! Live free or die _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "[email protected]"
