[Pkg-roundcube-maintainers] Bug#514179: CVE-2009-0413: possible XSS issue

Holger Levsen holger at layer-acht.org
Wed Feb 11 18:52:11 UTC 2009


On Mittwoch, 11. Februar 2009, Vincent Bernat wrote:
> It should be vulnerable too. Would it be possible to upgrade to 0.2-alpha?

Besides that it's in experimental atm, do you have a way to reduce it's 
depends to something which is in etch/bpo or at least lenny?

(And I'm not sure Alexander will like it. But then the question how to proceed 
is still open. Remove it and send a mail to bpo-announce and inform people?)

Do you have 0.2 running on etch somewhere?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : http://lists.alioth.debian.org/pipermail/pkg-roundcube-maintainers/attachments/20090211/5eba64c9/attachment.pgp 

More information about the Pkg-roundcube-maintainers mailing list