-
Committer:
Package Import Robot
-
Author(s):
Steve Beattie
-
Date:
2012-08-30 17:15:04 UTC
-
mfrom:
(25.1.1 precise-proposed)
-
Revision ID:
package-import@ubuntu.com-20120830171504-jl07j03zlj17d1ar
Tags: 2012.1.3+stable~20120815-691dd2-0ubuntu1.1
* SECURITY UPDATE: open redirect / phishing attack via "next"
parameter (LP: #1039077)
- debian/patches/CVE-2012-3540.patch: disallow redirects to anywhere
other than the same origin
- CVE-2012-3540