Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=homepage-ng;a=darcs_commitdiff;h=20070115200030-dd049-40a2fa542f018c079dd79699fc987025f9abc3c0.gz;
[FSA92-joomla voroskoi <[EMAIL PROTECTED]>**20070115200030] { hunk ./frugalware/xml/security.xml 29 + <fsa> + <id>92</id> + <date>2007-01-15</date> + <author>voroskoi</author> + <package>joomla</package> + <vulnerable>1.0.11-1</vulnerable> + <unaffected>1.0.12-1siwenna1</unaffected> + <bts>http://bugs.frugalware.org/task/1585</bts> + <cve>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6833 + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6834 + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6832</cve> + <desc>Some vulnerabilities have been reported in Joomla!, where some have unknown impacts and one can be exploited by malicious people to conduct cross-site scripting attacks. + 1) Input passed to an unspecified parameter is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. + 2) The vulnerabilities are caused due to unspecified errors in Joomla!. The vendor describes them as "several low level security issues". No further information is currently available.</desc> + </fsa> } _______________________________________________ Frugalware-darcs mailing list Frugalware-darcs@frugalware.org http://frugalware.org/mailman/listinfo/frugalware-darcs