Package: trac
Version: 0.10.3-1
Tags: security

Please bump trac to 0.10.3.1 in 'testing' and 'unstable' because of these
two issues listed in the release announcement[1]:

* Always send "Content-Disposition: attachment" headers where
   potentially unsafe (user provided) content is available for download.
   This behaviour can be altered using the "render_unsafe_content"
   option in the "attachment" and "browser" sections of trac.ini.
* Fixed XSS vulnerability in "download wiki page as text" in
   combination with Microsoft IE. Reported by Yoshinori Oota, Business
   Architects Inc.

[1] Release Announcement
http://groups.google.com/group/trac-announce/browse_thread/thread/a0179f00abb51972

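An added example, not part of the original report and not Trac's own code: a small audit that flags a trac.ini in which "render_unsafe_content" has been switched on in the "attachment" or "browser" section, plus a sketch of the header behaviour the announcement describes. The helper names, the sample trac.ini and the treatment of a missing option as disabled are assumptions made for illustration.

```python
import configparser

# Section and option names come from the release announcement quoted above.
SECTIONS = ("attachment", "browser")
OPTION = "render_unsafe_content"

# Constructed sample trac.ini, not taken from a real installation.
SAMPLE_INI = """\
[attachment]
render_unsafe_content = false

[browser]
render_unsafe_content = true
"""

def load_ini(text):
    # interpolation=None so a literal '%' in other options does not raise.
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(text)
    return cp

def unsafe_rendering_enabled(cp, section):
    # Assumption: a missing section or option means the safe setting (disabled).
    try:
        return cp.getboolean(section, OPTION, fallback=False)
    except ValueError:
        # Unparseable value: report it as enabled so a reviewer looks at it.
        return True

def audit(ini_text):
    """Return the sections where user-provided content would be rendered inline."""
    cp = load_ini(ini_text)
    return [s for s in SECTIONS if unsafe_rendering_enabled(cp, s)]

def download_headers(cp, section, filename, mimetype):
    """Hypothetical model of the described behaviour for user-provided content."""
    headers = [("Content-Type", mimetype)]
    if not unsafe_rendering_enabled(cp, section):
        # Drop characters that could break out of the quoted filename or the header.
        safe = filename.replace("\r", "").replace("\n", "")
        safe = safe.replace("\\", "_").replace('"', "_")
        headers.append(("Content-Disposition", 'attachment; filename="%s"' % safe))
    return headers

if __name__ == "__main__":
    print("inline rendering enabled in:", audit(SAMPLE_INI))
    print(download_headers(load_ini(SAMPLE_INI), "attachment", "page.html", "text/html"))
```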