subject:"Bug#726284\: xhprof\: XSS \(no CVE yet\)"

Bug#726284: xhprof: XSS (no CVE yet)

2013-10-16 Thread Salvatore Bonaccorso

Control: retitle -1 xhprof: CVE-2013-4433: XSS Hi On Mon, Oct 14, 2013 at 07:18:21AM +0200, Moritz Muehlenhoff wrote: Package: xhprof Severity: grave Tags: security Justification: user security hole Hi, fixed in 0.9.4:

Bug#726284: xhprof: XSS (no CVE yet)

2013-10-13 Thread Moritz Muehlenhoff

Package: xhprof Severity: grave Tags: security Justification: user security hole Hi, fixed in 0.9.4: http://pecl.php.net/package-changelog.php?package=xhprofrelease=0.9.4 http://www.openwall.com/lists/oss-security/2013/10/14/1 Cheers, Moritz -- To UNSUBSCRIBE, email to