You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cloudstack.apache.org by Bryan Whitehead <dr...@megahappy.net> on 2012/10/10 21:57:56 UTC

question about CVE-2012-4501 and version 3.0.2

As referenced here:
http://permalink.gmane.org/gmane.comp.security.bugtraq/50629

Does this affect the 3.0.2 release of CloudStack? I believe CloudStack
was handed off to Apache before this release.

-Bryan

Re: question about CVE-2012-4501 and version 3.0.2

Posted by John Kinsella <jl...@stratosec.co>.
3.0.2 is not an Apache release. That said, it is still vulnerable.

On Oct 10, 2012, at 12:57 PM, Bryan Whitehead <dr...@megahappy.net>
 wrote:

> As referenced here:
> http://permalink.gmane.org/gmane.comp.security.bugtraq/50629
> 
> Does this affect the 3.0.2 release of CloudStack? I believe CloudStack
> was handed off to Apache before this release.
> 
> -Bryan
> 

Stratosec - Secure Infrastructure as a Service
o: 415.315.9385
@johnlkinsella

Re: question about CVE-2012-4501 and version 3.0.2

Posted by Bryan Whitehead <dr...@megahappy.net>.
As soon as I saw John's email: done.

On Wed, Oct 10, 2012 at 1:12 PM, Mathias Mullins
<ma...@citrix.com> wrote:
> Bryan,
>
> All version releases are current open to the vulnerability. Please make
> sure to run the SQL statements listed in the notice.
>
> Matt Mullins
> CloudPlatform Implementation Engineer
> Worldwide Cloud Services ­ Citrix System, Inc.
> +1 (407) 920-1107 ­ Office/Cell Phone
> matt.mullins@citrix.com
>
>
>
>
> On 10/10/12 12:57 PM, "Bryan Whitehead" <dr...@megahappy.net> wrote:
>
>>As referenced here:
>>http://permalink.gmane.org/gmane.comp.security.bugtraq/50629
>>
>>Does this affect the 3.0.2 release of CloudStack? I believe CloudStack
>>was handed off to Apache before this release.
>>
>>-Bryan
>

Re: question about CVE-2012-4501 and version 3.0.2

Posted by Mathias Mullins <ma...@citrix.com>.
Bryan, 

All version releases are current open to the vulnerability. Please make
sure to run the SQL statements listed in the notice.

Matt Mullins
CloudPlatform Implementation Engineer
Worldwide Cloud Services ­ Citrix System, Inc.
+1 (407) 920-1107 ­ Office/Cell Phone
matt.mullins@citrix.com




On 10/10/12 12:57 PM, "Bryan Whitehead" <dr...@megahappy.net> wrote:

>As referenced here:
>http://permalink.gmane.org/gmane.comp.security.bugtraq/50629
>
>Does this affect the 3.0.2 release of CloudStack? I believe CloudStack
>was handed off to Apache before this release.
>
>-Bryan