Viewing all changes in revision 6.
- Committer: Bazaar Package Importer
- Date: 2006-05-22 21:51:34 UTC
- Revision ID: james.westby@ubuntu.com-20060522215134-wfjebcfggqkgsvf9
* SECURITY UPDATE: Cross-site scripting.
* debian/patches/1001_sanitize_more.patch:
- Use the Sanitize function to filter out arbitrary HTML from 'diricons'
parameter (analoguous to CVE-2006-1945, which is already fixed in this
version).
- Sanitize MigrateStats parameter (XSS if statistics updates are enabled).
[CVE-2006-2237]
- Patch from upstream CVS, taken from Debian's 6.5-2 version.
* debian/patches/1001_sanitize_more.patch:
- Use the Sanitize function to filter out arbitrary HTML from 'diricons'
parameter (analoguous to CVE-2006-1945, which is already fixed in this
version).
- Sanitize MigrateStats parameter (XSS if statistics updates are enabled).
[CVE-2006-2237]
- Patch from upstream CVS, taken from Debian's 6.5-2 version.
- files modified:
- debian/changelog
expand all
collapse all
added
removed
