Bug#547414: pu: package movabletype-opensource/4.2.3-1+lenny1
On Sat, 2009-09-19 at 15:39 +0100, Dominic Hargreaves wrote:
> #537935 describes an XSS bug which has been worked around in this new
> package. Because I have found it difficult to ascertain the details of
> the bug I have chosen to disable the relevant component in the default
> configuration (something that should have been done anyway).
>
> I've attached my proposed changes.
>
> Please could you let me know whether this is okay to upload to stable.
Were the changes to debian/postinst intended to be included as part of
the diff? They refer to a package version of 4.2.3-1+lenny1~test.2,
which I assume has never been in the archive, and are not mentioned in
the changelog.
Regards,
Adam
Reply to: