-
Committer:
Bazaar Package Importer
-
Author(s):
Kees Cook
-
Date:
2006-10-11 14:41:27 UTC
-
Revision ID:
james.westby@ubuntu.com-20061011144127-i0gdr6bf4nk4g0c8
Tags: 2.1-1ubuntu0.1
* SECURITY UPDATE: Vulnerable to cross-site scripting.
* Add 'debian/patches/05_sanitize_html_entities.dpatch': sanitize User-Agent
and host display in admin.php.
* References
http://www.stevenroddis.com.au/2006/10/06/torrentflux-user-agent-xss-vulnerability/