Giuseppe Iuculano wrote: > CVE-2009-3622 [wordpress: Trackback DoS] > RESERVED > - wordpress 2.8.5-1 > + [lenny] - wordpress <no-dsa> (Minor issue) > + [etch] - wordpress <no-dsa> (Minor issue) > NOTE: http://seclists.org/fulldisclosure/2009/Oct/263
Erm, I'm a bit hesitant about making it a no-dsa. It is fairly easy to trigger it, specially since the php5 cgi and apache2 module both have the mbstring extention built-in. Cheers, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
