Hi,
On Sun, Jan 23, 2005 at 08:28:47PM -0500, Justin Pryzby wrote:
On Sun, Jan 23, 2005 at 05:42:04PM -0500, pryzbyj wrote:
tags 281655 patch
thanks
I've included a 2-line patch which implements some output
sanitization. I can't find any other instance where this is a
problem, but
Hi,
sorry, the mail about this bug somehow got lost in my inbox...
(CC to debian-devel, any help with this issue is welcome)
On Wed, Nov 17, 2004 at 03:45:55AM +0100, Nicolas Gregoire wrote:
Package: info2www
Version: 1.2.2.9-22
Severity: normal
Tags: security
There's a XSS vulnerabilty
On Sun, Jan 23, 2005 at 05:12:15PM +0100, Uwe Hermann wrote:
Hi,
sorry, the mail about this bug somehow got lost in my inbox...
(CC to debian-devel, any help with this issue is welcome)
On Wed, Nov 17, 2004 at 03:45:55AM +0100, Nicolas Gregoire wrote:
Package: info2www
Version:
tags 281655 patch
thanks
I've included a 2-line patch which implements some output
sanitization. I can't find any other instance where this is a
problem, but don't take my word for it; I haven't followed the code
*that* closely.
Since info filenames/titles can be named anything (which is a Good
On Sun, Jan 23, 2005 at 05:42:04PM -0500, pryzbyj wrote:
tags 281655 patch
thanks
I've included a 2-line patch which implements some output
sanitization. I can't find any other instance where this is a
problem, but don't take my word for it; I haven't followed the code
*that* closely.
5 matches
Mail list logo