-
Committer:
Bazaar Package Importer
-
Author(s):
Marc Deslauriers
-
Date:
2011-07-28 09:39:38 UTC
-
mfrom:
(102.1.4 lucid-proposed)
-
Revision ID:
james.westby@ubuntu.com-20110728093938-1crrj6yjze4h7zkb
Tags: 2:3.4.7~dfsg-1ubuntu3.7
* SECURITY UPDATE: cross-site scripting in SWAT
- debian/patches/CVE-2011-2694.patch: don't display username in
source3/web/swat.c.
- CVE-2011-2694
* SECURITY UPDATE: cross-site request forgery in SWAT
- debian/patches/CVE-2011-2522.patch: implement nonce in
source3/web/{cgi.c,statuspage.c,swat.c,swat_proto.h}.
- CVE-2011-2522