From owner-freebsd-security@FreeBSD.ORG Thu Jul 2 20:42:11 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A99DC1065672; Thu, 2 Jul 2009 20:42:11 +0000 (UTC) (envelope-from vinnix.bsd@gmail.com) Received: from mail-yx0-f181.google.com (mail-yx0-f181.google.com [209.85.210.181]) by mx1.freebsd.org (Postfix) with ESMTP id 510F38FC13; Thu, 2 Jul 2009 20:42:11 +0000 (UTC) (envelope-from vinnix.bsd@gmail.com) Received: by yxe11 with SMTP id 11so2809262yxe.3 for ; Thu, 02 Jul 2009 13:42:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:date:message-id:subject :from:to:content-type:content-transfer-encoding; bh=oqnDsY3nG8nQTIxjDdn2SQElY1eKLybXNClm/Q1zZ5s=; b=ko/52f1HrT0TQ4j9tSI5SFjMh/Bo3JNOos72Zk/jhDwMNQGpL9RVkrDZazlTJpGGKh taclKjcDa5Gb19VXh3sXnahuTXC82IsLNSUDVJAoedQ4mVs+KhVKPkih2bEnkq72uErc k2bU+F83CY4Tz1zuCjYEcJb2RvwWsnJqAd004= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type :content-transfer-encoding; b=hpZzym5yDaJ0x/5kKL7tnaoSroFM0nQuePcZf9ioCeq4G/gd177qu1afQrBn06H/Cy izqXIAo3dH2XTjxj2pkz9MRjsUUCNuQm+wH3UkGHD+AR5NiDJzc49yDo7pTv+RuhBa5B 1OiDQwkKnzphzzOui4PrSJqPT40RVXmz2U7/0= MIME-Version: 1.0 Received: by 10.231.39.131 with SMTP id g3mr223556ibe.34.1246566026511; Thu, 02 Jul 2009 13:20:26 -0700 (PDT) Date: Thu, 2 Jul 2009 17:20:26 -0300 Message-ID: <1e31c7980907021320i164bc5edj32095c9df1f8096e@mail.gmail.com> From: Vinicius Abrahao To: robi@nunnisoft.ch, freebsd-security@freebsd.org, garga@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: Subject: Recent XSS in joomla 1.5.11 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Jul 2009 20:42:11 -0000 Hi Fellows, I read that we have a new issue with joomla. http://packetstormsecurity.org/0907-exploits/joomla1512-xss.txt http://www.joomla.org/announcements/release-news/5242-joomla-1512-released.= html Thanks, Vin=EDcius From owner-freebsd-security@FreeBSD.ORG Fri Jul 3 14:58:55 2009 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DB9C5106570D; Fri, 3 Jul 2009 14:58:55 +0000 (UTC) (envelope-from roberto.nunnari@supsi.ch) Received: from ti-edu.ch (posta.ti-edu.ch [195.176.176.171]) by mx1.freebsd.org (Postfix) with ESMTP id 45ACB8FC1B; Fri, 3 Jul 2009 14:58:54 +0000 (UTC) (envelope-from roberto.nunnari@supsi.ch) Received: from [193.5.152.27] (HELO [127.0.0.1]) by ti-edu.ch (CommuniGate Pro SMTP 5.2.14) with ESMTP id 33557114; Fri, 03 Jul 2009 15:58:50 +0200 Message-ID: <4A4E0E93.5000108@supsi.ch> Date: Fri, 03 Jul 2009 15:58:43 +0200 From: Roberto Nunnari User-Agent: Thunderbird 2.0.0.22 (Windows/20090605) MIME-Version: 1.0 To: Vinicius Abrahao References: <1e31c7980907021320i164bc5edj32095c9df1f8096e@mail.gmail.com> In-Reply-To: <1e31c7980907021320i164bc5edj32095c9df1f8096e@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-security@freebsd.org, garga@freebsd.org Subject: Re: Recent XSS in joomla 1.5.11 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 03 Jul 2009 14:58:56 -0000 Hi. Vinicius Abrahao ha scritto: > Hi Fellows, > > I read that we have a new issue with joomla. I submitted the port patch yesterday. See http://www.freebsd.org/cgi/query-pr.cgi?pr=136246 Best regards. Robi