This bug was fixed in the package loggerhead - 1.17-0ubuntu1.1
---------------
loggerhead (1.17-0ubuntu1.1) karmic-security; urgency=low
* SECURITY UPDATE: Cross-site scripting vulnerabilities by crafted branch
contents. (LP: #740142)
- debian/patches/bug-740142.diff: improve escaping of filenames.
- CVE-2011-0728
-- William Grant <[email protected]> Thu, 24 Mar 2011 14:01:44
+1100
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/740142
Title:
persistent xss vector in (unescaped) filenames in revision views
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
