[Pkg-javascript-devel] Bug#603513: Bug#603513: yui: multiple xss issues in included swf files
Moritz Muehlenhoff
jmm at inutil.org
Sun Dec 5 21:21:15 UTC 2010
On Wed, Dec 01, 2010 at 11:23:21PM +0100, Julien Cristau wrote:
> tag 591199 squeeze-ignore
> kthxbye
>
> On Wed, Dec 1, 2010 at 23:09:34 +0100, Moritz Muehlenhoff wrote:
>
> > We should update the SWF files affected through #603513 with their
> > versions from YUI 2.8.2 and tag #591199 squeeze-ignore. For Wheezy
> > we can get the necessary SWF compilers into the archive and provide
> > a clean solution, but splitting these modules off to non-free has
> > the potential to cause all kinds of ugly breakage in important web
> > apps for very little gain.
Jaldhar,
please prepare an yeu upload which updates the security-buggy SWF from
from 603513.
Cheers,
Moritz
More information about the Pkg-javascript-devel
mailing list