Bug#503330: Multiple Vulnerabilities (xss, insecure file handling and code execution)

2008-10-26 Thread Pierre Chifflier
On Fri, Oct 24, 2008 at 10:27:09PM +0200, Florian Weimer wrote: * Luca Bruno: A full disclosure bulletin has been posted today, reporting various security vulnerabilities in websvn. Thanks, I'm not sure if the source is in our public monitoring. The remote code execution should only

Bug#503330: Multiple Vulnerabilities (xss, insecure file handling and code execution)

2008-10-26 Thread Florian Weimer
* Pierre Chifflier: That looks serious indeed, and it affects versions from both testing and unstable. There are 3 different kinds of problems:
- Cross Site Scripting (unsafe usage of the PHP_SELF server variable within the getParameterisedSelfUrl() function)
- File handling issues in the

Bug#503330: Multiple Vulnerabilities (xss, insecure file handling and code execution)

2008-10-24 Thread Luca Bruno
Package: websvn
Version: 1.61-20
Severity: critical
Tags: security

A full disclosure bulletin has been posted today, reporting various security vulnerabilities in websvn. The remote code execution should only affect the etch version, while at first glance the others are also still open in

Bug#503330: Multiple Vulnerabilities (xss, insecure file handling and code execution)

2008-10-24 Thread Florian Weimer
* Luca Bruno: A full disclosure bulletin has been posted today, reporting various security vulnerabilities in websvn. Thanks, I'm not sure if the source is in our public monitoring. The remote code execution should only affect the etch version, while at first glance the others are also