- Committer: Bazaar Package Importer
- Date: 2006-05-22 21:51:34 UTC
- Revision ID: james.westby@ubuntu.com-20060522215134-wfjebcfggqkgsvf9
* SECURITY UPDATE: Cross-site scripting.
* debian/patches/1001_sanitize_more.patch:
- Use the Sanitize function to filter out arbitrary HTML from 'diricons'
parameter (analoguous to CVE-2006-1945, which is already fixed in this
version).
- Sanitize MigrateStats parameter (XSS if statistics updates are enabled).
[CVE-2006-2237]
- Patch from upstream CVS, taken from Debian's 6.5-2 version.
* debian/patches/1001_sanitize_more.patch:
- Use the Sanitize function to filter out arbitrary HTML from 'diricons'
parameter (analoguous to CVE-2006-1945, which is already fixed in this
version).
- Sanitize MigrateStats parameter (XSS if statistics updates are enabled).
[CVE-2006-2237]
- Patch from upstream CVS, taken from Debian's 6.5-2 version.
| Filename | Latest Rev | Last Changed | Committer | Comment | Size | ||
|---|---|---|---|---|---|---|---|
 .. |
|||||||
debian
|
2 | 20 years ago | Bazaar Package Importer | Really fix bug#247265. Really closes: Bug#247265 ( |
|
||
|
docs
|
1 | 20 years ago | Bazaar Package Importer | Import upstream version 6.0 |
|
||
|
tools
|
1 | 20 years ago | Bazaar Package Importer | Import upstream version 6.0 |
|
||
|
wwwroot
|
1 | 20 years ago | Bazaar Package Importer | Import upstream version 6.0 |
|
||
README.TXT |
5 | 18 years ago | Bazaar Package Importer | [ Jonas Smedegaard ] * New upstream release. + R | 6.5 KB |
|
|