[Secure-testing-commits] r8049 - data/CVE
Nico Golde
debian-secure-testing+ml at ngolde.de
Tue Jan 29 15:00:42 UTC 2008
Hi Thijs,
* Thijs Kinkhorst <thijs at debian.org> [2008-01-29 15:28]:
> On Monday 28 January 2008 22:04, nion at alioth.debian.org wrote:
> > Log:
> > CVE-2007-6611, CVE-2006-6574 fixed in next sarge update
>
> > CVE-2007-6611 (Cross-site scripting (XSS) vulnerability in view.php in
> > Mantis before ...) {DSA-1467-1}
> > - mantis 1.0.8-4 (low; bug #458377)
> > + TODO: r8 [sarge] - mantis 0.19.2-5sarge5
>
> Isn't this superfluous because the inclusion in the stable update is the
> direct consequence of the (mentioned) DSA-1467? Or am I missing something?
No you are right, jmm already corrected this. I did not see
it was included in the recent DSA when I got the close mail
by the BTS.
Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20080129/f8253487/attachment.pgp
More information about the Secure-testing-commits
mailing list