Re: RFS: tikiwiki

To: debian-mentors@lists.debian.org
Subject: Re: RFS: tikiwiki
From: Marcus Better <marcus@better.se>
Date: Thu, 06 Jul 2006 09:32:53 +0200
Message-id: <[🔎] e8ieb6$lqc$1@sea.gmane.org>
References: <[🔎] e8gffb$elv$1@sea.gmane.org> <[🔎] 20060705140355.GA26198@thened.net>

Alec Berryman wrote:

> The version in experimental is probably vulnerable to CVE-2006-3048,
> CVE-2006-3047, and CVE-2006-2635.

These are resolved in 1.9.4 according to information here:

http://tikiwiki.org/tiki-read_article.php?articleId=131
http://www.securityfocus.com/bid/18143
http://www.securityfocus.com/bid/18421

> I'm unable to find mention that these issues have been resolved
> in the upstream changelog or in yours; 

Right. Upstream seems to be sloppy announcing things. I'll discuss it with
them, and put the CVE numbers in the Debian changelog.

Thanks,

Marcus

Reply to:

References:
- RFS: tikiwiki
  - From: Marcus Better <marcus@better.se>
- Re: RFS: tikiwiki
  - From: Alec Berryman <alec@thened.net>

Prev by Date: RFS: aspell-fa
Next by Date: Re: RFS: tcpser
Previous by thread: Re: RFS: tikiwiki
Next by thread: Re: RFS: tikiwiki
Index(es):
- Date
- Thread