Package: yui
Severity: grave
Tags: security
Justification: user security hole

This was assigned CVE-2013-6780:
https://yuilibrary.com/support/20131111-vulnerability/

Given that upstream states

| YUI 2 is an end-of-lifed project and is no longer supported. All YUI 2 .swf 
files 
| have been removed from the Yahoo CDN. If your site was taking advantage of 
the 
| presence of these files on the Yahoo CDN they will no longer be available. 

yui should be removed from unstable. Please file bugs against it's rdeps.

Cheers,
        Moritz

_______________________________________________
Pkg-javascript-devel mailing list
Pkg-javascript-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-javascript-devel

Reply via email to