Package: blosxom Version: 2.1.1-1 Severity: critical Tags: security Hi!
Yoshinori Ohta of Business Architects Inc. found a XSS issue in blosxom related to handling of unknown flavour types. The fix is now commited to upstream CVS: <http://blosxom.cvs.sourceforge.net/viewvc/blosxom/blosxom2/blosxom.cgi?r1=1.83&r2=1.84> The upstream version is expected to get released today, the issue has been granted the CVE id CVE-2008-2236. So long, Rhonda -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]