Bug#952785: buster-pu: package dojo/1.15.0+dfsg1-1+deb10u1

2020-03-03 Thread Adam D. Barratt
Control: tags -1 + confirmed
On Mon, 2020-03-02 at 11:28 +0100, Xavier wrote:
> On 01/03/2020 at 22:52, Andreas Beckmann wrote:
> > > +#CVE-2019-10785.patch
> >
> > The patch is commented in the series file and thus does not get
> > applied.
> >
> > Andreas
>
> Sorry for this error. Here is

Bug#952785: buster-pu: package dojo/1.15.0+dfsg1-1+deb10u1

2020-03-02 Thread Xavier
On 01/03/2020 at 22:52, Andreas Beckmann wrote:
>> +#CVE-2019-10785.patch
>
> The patch is commented in the series file and thus does not get applied.
>
> Andreas
Sorry for this error. Here is the real patch.
Cheers,
Xavier
diff --git a/debian/changelog b/debian/changelog index

Bug#952785: buster-pu: package dojo/1.15.0+dfsg1-1+deb10u1

2020-03-01 Thread Andreas Beckmann
> +#CVE-2019-10785.patch
The patch is commented in the series file and thus does not get applied.
Andreas

Bug#952785: buster-pu: package dojo/1.15.0+dfsg1-1+deb10u1

2020-02-29 Thread Xavier
On 29/02/2020 at 14:48, Salvatore Bonaccorso wrote:
> Hi Xavier,
>
> On Sat, Feb 29, 2020 at 09:10:51AM +0100, Xavier Guimard wrote:
>> Package: release.debian.org
>> Severity: normal
>> Tags: buster
>> User: release.debian@packages.debian.org
>> Usertags: pu
>>
>> Hi,
>>
>> dojo is

Bug#952785: buster-pu: package dojo/1.15.0+dfsg1-1+deb10u1

2020-02-29 Thread Salvatore Bonaccorso
Hi Xavier,
On Sat, Feb 29, 2020 at 09:10:51AM +0100, Xavier Guimard wrote:
> Package: release.debian.org
> Severity: normal
> Tags: buster
> User: release.debian@packages.debian.org
> Usertags: pu
>
> Hi,
>
> dojo is vulnerable to Cross-site Scripting. This is due to
>

Bug#952785: buster-pu: package dojo/1.15.0+dfsg1-1+deb10u1

2020-02-29 Thread Xavier Guimard
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu
Hi,
dojo is vulnerable to Cross-site Scripting. This is due to dojox.xmpp.util.xmlEncode only encoding the first occurrence of each character, not all of them. This upstream patch