Gentoo Linux

Comment 4 for bug 1011823

Revision history for this message

In Gentoo Bugzilla #420375, David Hicks (dhx) wrote on 2012-06-12:

CVE numbers were assigned as follows:

CVE-2012-2691: Reporters can edit arbitrary bugnotes via SOAP API (#14340)

CVE-2012-2692: delete_attachments_threshold not checked on attachment deletion (#14016)