Hi,
it's 135 days since the bug report was filed, it has a patch attached, it
is a bug classified as 'serious', still I see no progress.. I don't want
to hurt anyone, but with this approach I fear that TWiki will miss the
next stable release as well.. :-(
I can offer some help if you accept it
CVE-2006-1387: TWiki 4.0, 4.0.1, and 20010901 through 20040904 allows
remote authenticated users with edit rights to cause a denial of service
(infinite recursion leading to CPU and memory consumption) via INCLUDE
by URL statements that form a loop, such as a page that includes
itself.
I
its stuff like this that just keeps depressing me into not finishing the
work i do packaging twiki for debian.
your officiousness is a joy, ta.
same sort of thing as when just before the last debian release came out,
and some one helpfully filed an un-reproducible RC bug, that didn't
happen for
3 matches
Mail list logo
