[Pkg-javascript-devel] Bug#730104: yui: CVE-2013-6780
Moritz Muehlenhoff
jmm at inutil.org
Thu Nov 21 13:09:22 UTC 2013
Package: yui
Severity: grave
Tags: security
Justification: user security hole
This was assigned CVE-2013-6780:
https://yuilibrary.com/support/20131111-vulnerability/
Given that upstream states
| YUI 2 is an end-of-lifed project and is no longer supported. All YUI 2 .swf files
| have been removed from the Yahoo CDN. If your site was taking advantage of the
| presence of these files on the Yahoo CDN they will no longer be available.
yui should be removed from unstable. Please file bugs against it's rdeps.
Cheers,
Moritz
More information about the Pkg-javascript-devel
mailing list