This bug was fixed in the package loggerhead - 1.18.1-1
---------------
loggerhead (1.18.1-1) unstable; urgency=high

  * Bump python-simplejson from Recommends to Depends, as loggerhead
    breaks with python-json. LP: #586611
  * Switch to dh_python2. Closes: #616876
  * Switch to debhelper 7, drop cdbs.
  * Claim support for Bazaar 2.4.
  * New upstream release.
    + Fixes escaping of filenames in revision views. (CVE-2011-0728)
      LP: #740142

loggerhead (1.18-2) unstable; urgency=low

  * Run the test suite during package build.

 -- Jelmer Vernooij <[email protected]> Mon, 28 Mar 2011 19:19:09 +0000

** Changed in: loggerhead (Ubuntu)
       Status: Confirmed => Fix Released
--
https://bugs.launchpad.net/bugs/740142
Title:
persistent xss vector in (unescaped) filenames in revision views