Bug#546055: pu: package webauth/3.6.0-1+lenny1
On Thu, 2009-09-10 at 16:42 -0700, Russ Allbery wrote:
> WebAuth just released a security update for a vulnerability in the
> WebLogin server where, in rare circumstances, the user's password
> could be lifted into the URL and from there exposed to other web sites
> and the browser history. After discussion with the Debian security
> team, this was deemed suited for a stable update rather than a full
> security release.
> I'm therefore seeking permission to upload webauth 3.6.0-1+lenny1 to
> stable-proposed-updates. The patch against the current 3.6.0-1 release
> in stable is attached.
Please go ahead with the spu upload.