Bug#240675: www.debian.org: redirect.pl wide open and fools people
Package: www.debian.org
Severity: normal
As can be seen in http://slashdot.org/comments.pl?sid=102006&cid=8695895
the redirect.pl script on cgi.debian.org can be abused. Note that it
didn't work in galeon, but I expect this will be different for people
using Windows.
Perhaps some sort of referrer check is in order?
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.4
Locale: LANG=C, LC_CTYPE=en_US
Reply to: