Vulnerability In BEdita CMS


Edric Teo Jin Kai

Feb 11, 2015, 12:18:09 AM
to bed...@googlegroups.com
Hi,

I have discovered a vulnerability in BEdita. May I know how I should contact the security team? Or should I create a new issue via the GitHub bug tracker?

Best regards,
Edric Teo

bato

Feb 11, 2015, 4:18:15 AM
to bed...@googlegroups.com
Hi Edric Teo,

thank you for contacting us and helping to discover issues in BEdita.
Please feel free to create a new issue on GitHub https://github.com/bedita/bedita/issues, specifying the BEdita version and how to reproduce the vulnerability.

Greetings
Alberto

Edric Teo Jin Kai

Feb 11, 2015, 7:55:09 AM
to bed...@googlegroups.com
Hi Alberto,

I have drafted a proof-of-concept exploiting the vulnerability in a PDF file. However, GitHub doesn't allow the uploading of a PDF file.

Is it possible for me to email you the POC?

Thanks

Best regards,
Edric Teo

Stefano Rosanelli

Feb 12, 2015, 6:17:25 AM
to bed...@googlegroups.com
Hi Edric,

thanks on behalf of the BEdita dev team for your detailed proof-of-concept.
We are already working to solve those issues.

ciao
Stefano

Edric Teo Jin Kai

Feb 12, 2015, 8:23:24 AM
to bed...@googlegroups.com
Hi Stefano,

Thank you for your response. It is my pleasure to be working with the developers of BEdita.
Could you please update me after the fixes are made so that I can request CVE IDs for the respective vulnerabilities?

Thanks.

Best regards,
Edric Teo


Alberto Pagliarini

Feb 16, 2015, 10:02:53 AM
to bed...@googlegroups.com
Hi Edric Teo,

we have opened two issues about vulnerabilities reported by you:


The first one is already closed, while the second is in test status and will soon be closed too.
The patches are on the 3-corylus branch and a 3.5.1 version will be released as soon as possible.

Thanks again for your help to improve BEdita!

ciao
Alberto



bato

Feb 19, 2015, 9:58:19 AM
to bed...@googlegroups.com
Hi Edric Teo,


Thank you very much for your contribution!

Alberto

Edric Teo Jin Kai

Feb 19, 2015, 11:06:59 PM
to bed...@googlegroups.com
Hi Alberto,

Thank you for informing me of the new release of BEdita CMS.

It was a great pleasure working with you.

Have a nice day! :)
