[Mono-bugs] [Bug 413534] VUL-0: Mono ASP.NET class library has potential XSS problem
bugzilla_noreply at novell.com
bugzilla_noreply at novell.com
Thu Jul 31 07:43:08 EDT 2008
https://bugzilla.novell.com/show_bug.cgi?id=413534
User meissner at novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=413534#c2
--- Comment #2 from Marcus Meissner <meissner at novell.com> 2008-07-31 05:43:08 MDT ---
Two ways:
- prepare fixes before hand and have them ready for release when committed
- just commit and get all the fixed packages released afterwards
To decide:
I understand that Microsoft C# ASP.net is also affected, right?
If yes, waiting with disclosure for some time and perhaps coordinate to
some degree with MS might be appropriate.
If MS has a CVE for this issue, we can use also use it for Mono ASP.net,
otherwise we can get a own CVE entry.
=> wait for MS feedback for some days (I suggest until next week).
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
More information about the mono-bugs
mailing list