Bug#312413: CAN-2005-1921

To: 312413@bugs.debian.org
Cc: 312413-submitter@bugs.debian.org
Subject: Bug#312413: CAN-2005-1921
From: Micah Anderson <micah@riseup.net>
Date: Sat, 23 Jul 2005 11:14:03 -0500
Message-id: <[🔎] 20050723161403.GR2766@riseup.net>
Reply-to: Micah Anderson <micah@riseup.net>, 312413@bugs.debian.org

Hey Penny,

One of the applications affected by a recent swatch of PEAR XML_RPC
(aka XML-RPC or xmlrpc) and PHPXMLRPC security flaws that allow remote
attackers to execute arbitrary PHP code via an XML file (which is not
properly sanitized before being used in an eval statement) is....
serendipity!

Be sure that when packaging serendipity that CAN-2005-1921 is fixed
before it is uploaded.

Micah

Reply to:

Prev by Date: Bug#271988: marked as done (ITP: ded -- curses-based file browser with the possibility of editing directories)
Next by Date: Bug#283806: marked as done (ITP: elizatalk -- talk program like emacs psychatrist)
Previous by thread: Bug#271988: marked as done (ITP: ded -- curses-based file browser with the possibility of editing directories)
Next by thread: Bug#283806: marked as done (ITP: elizatalk -- talk program like emacs psychatrist)
Index(es):
- Date
- Thread