Re: Proposed mass prototypejs bug filing for multiple security issues

To: debian-devel@lists.debian.org
Subject: Re: Proposed mass prototypejs bug filing for multiple security issues
From: Niko Tyni <ntyni@debian.org>
Date: Wed, 28 Oct 2009 09:06:26 +0200
Message-id: <[🔎] 20091028070626.GA30395@kuusama.it.helsinki.fi>
In-reply-to: <[🔎] 20091018204335.cd4f6499.michael.s.gilbert@gmail.com>
References: <[🔎] 20091018204335.cd4f6499.michael.s.gilbert@gmail.com>

On Sun, Oct 18, 2009 at 08:43:35PM -0400, Michael S Gilbert wrote:

> The prototypejs script has been found to be vulnerable to a couple
> security issues [0],[1].  This script is embedded in about 32 other

>         - smokeping <unfixed> (embed)

Only the lenny version (2.3.6-3) is affected. The squeeze/sid versions
depend on libjs-prototype, and the etch one doesn't use prototypejs at
all yet.

Filed as #552549, will look at a stable update. Help with extracting
the minimal patches for prototypejs 1.5.0_rc0 would be appreciated.

Thanks for your work,
-- 
Niko Tyni   ntyni@debian.org

Reply to:

References:
- Proposed mass prototypejs bug filing for multiple security issues
  - From: Michael S Gilbert <michael.s.gilbert@gmail.com>

Prev by Date: Re: Lintian based autorejects
Next by Date: Re: Lintian based autorejects
Previous by thread: Re: Proposed mass prototypejs bug filing for multiple security issues
Next by thread: Bug#551562: ITP: libmecab-ruby -- mecab binding for Ruby language
Index(es):
- Date
- Thread