Hi, * [EMAIL PROTECTED] <[EMAIL PROTECTED]> [2007-08-16 14:55]: [...] > CVE-2007-0667 (The redirect function in Form.pm for (1) LedgerSMB before > 1.1.5 and ...) > - - sql-ledger <unfixed> (bug #409703) > + - sql-ledger <unfixed> (bug #409703; medium) > [etch] - sql-ledger <no-dsa> (Should only be used with trusted users) > NOTE: sql-ledger 2.6.22-2 adds a note to README.Debian that sql-ledger > NOTE: is not secure with untrusted users.
Just wanted to comment this, noting the bug in README.Debian does not fix it and doesn't help users who don't read the file, just if someone wonders why I didn't set low :) Kind regards Nico -- Nico Golde - http://ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgp9mjYq47GPW.pgp
Description: PGP signature
_______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
