[Koha-devel] FYI: CVE numbers for recent security update
Galen Charlton
gmc at esilibrary.com
Mon Feb 10 17:55:06 CET 2014
Hi,
I requested CVE numbers for the issues fixed in the security releases;
here's what was assigned:
CVE-2014-1922: absolute path traversal issue in tools/pdfViewer.pl
CVE-2014-1923: directory traversal issues in edithelp.pl and member-picupload.pl
CVE-2014-1924: MARC framework import/export did not require authentication
CVE-2014-1925: MARC framework import/export could be used to perform
unexpected SQL commands
Regards,
Galen
--
Galen Charlton
Manager of Implementation
Equinox Software, Inc. / The Open Source Experts
email: gmc at esilibrary.com
direct: +1 770-709-5581
cell: +1 404-984-4366
skype: gmcharlt
web: http://www.esilibrary.com/
Supporting Koha and Evergreen: http://koha-community.org &
http://evergreen-ils.org
More information about the Koha-devel
mailing list