Package: php-xajax Severity: grave Justification: user security hole Tags: security
Hi The patch for CVE-2007-2739 seems to be incomplete as already discussed via private mail. Just using htmlspecialchars(), instead of the replace calls should do the trick. I've requested a new CVE id for this and will paste it here as soon as I get it. Cheers Steffen
signature.asc
Description: This is a digitally signed message part.
