Accepted:
OK: gnatsweb_4.00.orig.tar.gz
OK: gnatsweb_4.00-1ubuntu0.7.04.diff.gz
OK: gnatsweb_4.00-1ubuntu0.7.04.dsc
-> Component: universe Section: devel
OK: gnatsweb_4.00-1ubuntu0.7.04_all.deb
Format: 1.7
Date: Fri, 29 Feb 2008 03:40:07 +0100
Source: gnatsweb
Binary: gnatsweb
Architecture: all source
Version: 4.00-1ubuntu0.7.04
Distribution: feisty-security
Urgency: low
Maintainer: Ubuntu MOTU Developers <[EMAIL PROTECTED]>
Changed-By: Emanuele Gentili <[EMAIL PROTECTED]>
Description:
gnatsweb - Web interface to GNU GNATS
Changes:
gnatsweb (4.00-1ubuntu0.7.04) feisty-security; urgency=low
.
* SECURITY UPDATE:
+ gnatsweb.pl (LP: #191196)
- Fixed missing escaping of the database parameter which leads
to a cross-site scripting vulnerability (XSS) via this
parameter (CVE-2007-2808).
+ debian/control
- Switch Maintainer to Ubuntu MOTU Developers
* References:
+ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2808
+ http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=427156
Files:
44d35fcf54e60a1b808d7401e2148dd6 56238 devel extra
gnatsweb_4.00-1ubuntu0.7.04_all.deb
207f1a78b9a4c532b2701a125d84b264 655 devel extra
gnatsweb_4.00-1ubuntu0.7.04.dsc
ab517c4b279654a8141bc173cf2373b8 2558 devel extra
gnatsweb_4.00-1ubuntu0.7.04.diff.gz
Launchpad-Bugs-Fixed: 191196
Original-Maintainer: Chad Walstrom <[EMAIL PROTECTED]>
--
feisty-changes mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/feisty-changes
