Package: ftp.debian.org
Severity: normal
Please remove spip:
- Last upload in March 2004.
- RC-buggy since more than two years
- Six open vulnerabilities:
[5]CVE-2005-4494 Cross-site scripting (XSS) vulnerability in SPIP 1.8.2 and
earlier ...
[6]CVE-2006-0517 Multiple SQL injection vulnerabilities in ...
[7]CVE-2006-0518 Cross-site scripting (XSS) vulnerability in index.php3 in
SPIP 1.8.2-e ...
[8]CVE-2006-0519 SPIP 1.8.2-e and earlier and 1.9 Alpha 2 (5539) and
earlier allows ...
[9]CVE-2006-0625 Directory traversal vulnerability in Spip_RSS.PHP in SPIP
1.8.2g and ...
[10]CVE-2006-0626 SQL injection vulnerability in spip_acces_doc.php3 in SPIP
1.8.2g and ...
- Only two popcon users, one voting.
- Has never been part of a stable release.
- Plenty of alternatives in the archive.
Cheers,
Moritz
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16-1-686
Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15)
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
