Jan Wagner uploaded a security update for egroupware in etch backports which fixes the following issue: CVE-2007-4048 Cross-site scripting (XSS) vulnerability in index.php in phpSysInfo 2.5.4-dev and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. This issue has been fixed in the 1.2.107-2.dfsg-1.1~bpo40+1 package in etch-backports. Alex -- Alexander Wirt, formorer@formorer.de CC99 2DDD D39E 75B0 B0AA B25C D35B BC99 BC7D 020A
Attachment:
signature.asc
Description: Digital signature