Bug#546055: pu: package webauth/3.6.0-1+lenny1

To: Russ Allbery <rra@debian.org>, 546055@bugs.debian.org
Subject: Bug#546055: pu: package webauth/3.6.0-1+lenny1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Fri, 11 Sep 2009 18:34:44 +0100
Message-id: <1252690484.30487.50.camel@kaa.jungle.aubergine.my-net-space.net>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 546055@bugs.debian.org
In-reply-to: <20090910234212.10015.41685.reportbug@windlord.stanford.edu>
References: <20090910234212.10015.41685.reportbug@windlord.stanford.edu>

On Thu, 2009-09-10 at 16:42 -0700, Russ Allbery wrote:
> WebAuth just released a security update for a vulnerability in the
> WebLogin server where, in rare circumstances, the user's password
> could be lifted into the URL and from there exposed to other web sites
> and the browser history.  After discussion with the Debian security
> team, this was deemed suited for a stable update rather than a full
> security release.
> 
> I'm therefore seeking permission to upload webauth 3.6.0-1+lenny1 to
> stable-proposed-updates.  The patch against the current 3.6.0-1 release
> in stable is attached.

Please go ahead with the spu upload.

Regards,

Adam

Reply to:

Follow-Ups:
- Bug#546055: pu: package webauth/3.6.0-1+lenny1
  - From: Russ Allbery <rra@debian.org>

References:
- Bug#546055: pu: package webauth/3.6.0-1+lenny1
  - From: Russ Allbery <rra@debian.org>

Prev by Date: Re: open issues with the hppa port
Next by Date: Re: open issues with the hppa port
Previous by thread: Bug#546055: pu: package webauth/3.6.0-1+lenny1
Next by thread: Bug#546055: pu: package webauth/3.6.0-1+lenny1
Index(es):
- Date
- Thread