Hi Paul, #555264 was reported from a mass-filing advice, it was about prototypejs vulnerabilities, but it didn't affects to mantis, because prototype.js file is not longer distributed in mantis debian package since version 1.1.2+dfsg-1 (see changelog for more info [0]). Same thing applies to #555265, mantis do not embeds prototype.js in debian distribution. Please, let me know if something is wrong, it will be apreciated. Thanks for your interest, Best regards, Sils [0] http://packages.debian.org/changelogs/pool/main/m/mantis/current/changelog#versionversion1.1.2_dfsg-1 Paul Wise wrote: > On Thu, Dec 31, 2009 at 6:04 AM, sils <sils@powered-by-linux.com> wrote: > >> Please, consider that remaining bugs (#555264,#555265), not afecting >> mantis, will be closed manually after this package reach the archive and >> i'll be grabbed as new maintainer. > > These look like valid bugs to me, why would you close them? >
Attachment:
signature.asc
Description: OpenPGP digital signature