Package: lxr Severity: important Tags: security patch Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for lxr.
CVE-2010-1738[0]: | Cross-site scripting (XSS) vulnerability in lib/LXR/Common.pm in LXR | Cross Referencer before 0.9.8 allows remote attackers to inject | arbitrary web script or HTML via a title string. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. Patch: http://lxr.cvs.sourceforge.net/viewvc/lxr/lxr/lib/LXR/Common.pm?r1=1.63&r2=1.64&view=patch For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1738 http://security-tracker.debian.org/tracker/CVE-2010-1738 -- Nico Golde - http://www.ngolde.de - n...@jabber.ccc.de - GPG: 0xA0A0AAAA For security reasons, all text in this mail is double-rot13 encrypted.
pgpHP7SUBgLQD.pgp
Description: PGP signature