[Pkg-javascript-devel] Bug#557745: fixed in yui 2.8.0r4-1
Gerfried Fuchs
rhonda at deb.at
Tue Dec 1 08:27:26 UTC 2009
notfixed 557745 2.8.0r4-1
reopen 557745
thanks
* Jaldhar H. Vyas <jaldhar at debian.org> [2009-11-27 07:48:09 CET]:
> We believe that the bug you reported is fixed in the latest version of
> yui
I believe that the bug is *not* fixed in that version:
> [ Jaldhar H. Vyas ]
> * SECURITY] yui was mentioned in CVE-2007-2385 however the library
> itself is not responsible for XSS issues. This is more to do with
> the way applications are coded. (Closes: #557745)
Please don't abuse the changelog and the version tracking in the BTS
like that. If you believe that this is a non-issue, send a simple mail
(without a version pseudo header) to bug-done at bugs. I suggest you to
read this ancient mail for some ideas:
<http://lists.debian.org/debian-devel-announce/2003/06/msg00016.html>
Thanks,
Rhonda
More information about the Pkg-javascript-devel
mailing list