Merge pull request symfony#96 from patkar/typo3-security-bulletins

fabpot · fabpot · commit 8ad29980b317 · 2015-09-10T12:25:55.000+02:00
Add new TYPO3 CMS security advisories
diff --git a/typo3/cms/2015-09-08-1.yaml b/typo3/cms/2015-09-08-1.yaml
@@ -0,0 +1,19 @@
+title:     Frontend: Unauthenticated Path Disclosure
+link:      https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-008/
+branches:
+    6.2.x:
+        time:     2015-09-08 10:57:00
+        versions: [>=6.2.0,<6.2.15]
+    7.0.x:
+        time:     2015-09-08 10:57:00
+        versions: [>=7.0.0,<7.1.0]
+    7.1.x:
+        time:     2015-09-08 10:57:00
+        versions: [>=7.1.0,<7.2.0]
+    7.2.x:
+        time:     2015-09-08 10:57:00
+        versions: [>=7.2.0,<7.3.0]
+    7.3.x:
+        time:     2015-09-08 10:57:00
+        versions: [>=7.3.0,<7.4.0]
+reference: composer://typo3/cms
diff --git a/typo3/cms/CVE-2015-5956.yaml b/typo3/cms/CVE-2015-5956.yaml
@@ -0,0 +1,20 @@
+title:     Backend: Non-Persistent Cross-Site Scripting
+link:      https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-009/
+cve:       CVE-2015-5956
+branches:
+    6.2.x:
+        time:     2015-09-08 10:59:00
+        versions: [>=6.2.0,<6.2.15]
+    7.0.x:
+        time:     2015-09-08 10:59:00
+        versions: [>=7.0.0,<7.1.0]
+    7.1.x:
+        time:     2015-09-08 10:59:00
+        versions: [>=7.1.0,<7.2.0]
+    7.2.x:
+        time:     2015-09-08 10:59:00
+        versions: [>=7.2.0,<7.3.0]
+    7.3.x:
+        time:     2015-09-08 10:59:00
+        versions: [>=7.3.0,<7.4.0]
+reference: composer://typo3/cms
