Bug#546055: pu: package webauth/3.6.0-1+lenny1

To: 546055@bugs.debian.org
Subject: Bug#546055: pu: package webauth/3.6.0-1+lenny1
From: Russ Allbery <rra@debian.org>
Date: Fri, 11 Sep 2009 11:34:13 -0700
Message-id: <87fxat2uvu.fsf@windlord.stanford.edu>
Reply-to: Russ Allbery <rra@debian.org>, 546055@bugs.debian.org
In-reply-to: <1252690484.30487.50.camel@kaa.jungle.aubergine.my-net-space.net> (Adam D. Barratt's message of "Fri, 11 Sep 2009 18:34:44 +0100")
References: <20090910234212.10015.41685.reportbug@windlord.stanford.edu> <1252690484.30487.50.camel@kaa.jungle.aubergine.my-net-space.net>

"Adam D. Barratt" <adam@adam-barratt.org.uk> writes:
> On Thu, 2009-09-10 at 16:42 -0700, Russ Allbery wrote:

>> WebAuth just released a security update for a vulnerability in the
>> WebLogin server where, in rare circumstances, the user's password could
>> be lifted into the URL and from there exposed to other web sites and
>> the browser history.  After discussion with the Debian security team,
>> this was deemed suited for a stable update rather than a full security
>> release.

>> I'm therefore seeking permission to upload webauth 3.6.0-1+lenny1 to
>> stable-proposed-updates.  The patch against the current 3.6.0-1 release
>> in stable is attached.

> Please go ahead with the spu upload.

Thanks, done.

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to:

References:
- Bug#546055: pu: package webauth/3.6.0-1+lenny1
  - From: Russ Allbery <rra@debian.org>
- Bug#546055: pu: package webauth/3.6.0-1+lenny1
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Prev by Date: Re: open issues with the hppa port
Next by Date: Re: open issues with the hppa port
Previous by thread: Bug#546055: pu: package webauth/3.6.0-1+lenny1
Next by thread: Bug#546055: marked as done (pu: package webauth/3.6.0-1+lenny1)
Index(es):
- Date
- Thread