Bug#546055: pu: package webauth/3.6.0-1+lenny1
"Adam D. Barratt" <adam@adam-barratt.org.uk> writes:
> On Thu, 2009-09-10 at 16:42 -0700, Russ Allbery wrote:
>> WebAuth just released a security update for a vulnerability in the
>> WebLogin server where, in rare circumstances, the user's password could
>> be lifted into the URL and from there exposed to other web sites and
>> the browser history. After discussion with the Debian security team,
>> this was deemed suited for a stable update rather than a full security
>> release.
>> I'm therefore seeking permission to upload webauth 3.6.0-1+lenny1 to
>> stable-proposed-updates. The patch against the current 3.6.0-1 release
>> in stable is attached.
> Please go ahead with the spu upload.
Thanks, done.
--
Russ Allbery (rra@debian.org) <http://www.eyrie.org/~eagle/>
Reply to: