Hi,
I intend to NMU this bug.
The attached patch fixes this issue.
It will be also archived on:
http://people.debian.org/~nion/nmu-diff/gnatsweb_4.00-1_4.00-1.1.patch
Kind regards
Nico
--
Nico Golde - http://ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this
Hi,
I accidently included the wrong patch.
Here is the correct one.
Kind regards
Nico
--
Nico Golde - http://ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
diff -u gnatsweb-4.00/debian/changelog
Hi,
here is again a new patch (should be the last update)
because the last one would escape passwords as well which
should not be the case.
Kind regards
Nico
--
Nico Golde - http://ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13
Package: gnatsweb
Severity: important
Tags: security
A cross-site scripting vulnerability has been disclosed in gnatsweb:
http://pridels-team.blogspot.com/2007/05/blog-post.html
Please mention the name CVE-2007-2808 in the changelog when fixing
this bug.
--
To UNSUBSCRIBE, email to [EMAIL
4 matches
Mail list logo