From 4d9e223d411b9a9637fd883cbc543fcc28a3c887 Mon Sep 17 00:00:00 2001 From: Dawid Czarnecki Date: Fri, 14 Feb 2020 17:16:08 +0100 Subject: [PATCH] fix: [blog] MISP 2.4.121 release typo --- _posts/2020-02-12-MISP.2.4.121.released.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_posts/2020-02-12-MISP.2.4.121.released.md b/_posts/2020-02-12-MISP.2.4.121.released.md index 847902c..24bd51b 100644 --- a/_posts/2020-02-12-MISP.2.4.121.released.md +++ b/_posts/2020-02-12-MISP.2.4.121.released.md @@ -13,7 +13,7 @@ A new version of MISP ([2.4.121](https://github.com/MISP/MISP/tree/v2.4.121)) ha The new version includes fixes to a set of vulnerabilities, kindly reported by Dawid Czarnecki. For details, see the attached CVE information. - A reflected XSS in the galaxy view [CVE-2020-8893](https://cve.circl.lu/cve/CVE-2020-8893) -- ACL wasn't always correctly adhered to for the discussion threads [CVE-2020-8894](https://cve.circl.lu/cve/CVE-2020-8892) +- ACL wasn't always correctly adhered to for the discussion threads [CVE-2020-8894](https://cve.circl.lu/cve/CVE-2020-8894) - Potential time skew between web server and database would cause the brute force protection not to fire.[CVE-2020-8890](https://cve.circl.lu/cve/CVE-2020-8890) Whilst investigating the above, we have identified and resolved other issues with the brute force protection: