Viewing all changes in revision 5.
- Committer: Bazaar Package Importer
- Date: 2006-05-22 20:01:46 UTC
- Revision ID: james.westby@ubuntu.com-20060522200146-6f5k7z7ax4gi0v91
* SECURITY UPDATE: Cross-site scripting.
* debian/patches/01_sanitize_more.patch:
- Use the Sanitize function to filter out arbitrary HTML from 'diricons'
parameter (analoguous to CVE-2006-1945, which is already fixed in this
version).
- Sanitize MigrateStats parameter (XSS if statistics updates are enabled).
[CVE-2006-2237]
- Patch from upstream CVS, taken from Debian's 6.5-2 version.
* debian/patches/01_sanitize_more.patch:
- Use the Sanitize function to filter out arbitrary HTML from 'diricons'
parameter (analoguous to CVE-2006-1945, which is already fixed in this
version).
- Sanitize MigrateStats parameter (XSS if statistics updates are enabled).
[CVE-2006-2237]
- Patch from upstream CVS, taken from Debian's 6.5-2 version.
- files modified:
- debian/changelog
expand all
collapse all
added
removed
