Re: XSS in paste 1.7.1-1 and 1.7.3.1-1

To: piotr@debian.org
Cc: debian-release@lists.debian.org
Subject: Re: XSS in paste 1.7.1-1 and 1.7.3.1-1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Mon, 2 Aug 2010 20:43:08 -0400
Message-id: <[🔎] 93f98ba9bcfe80a5e4b50346f3cc1610.squirrel@adsl.funkybadger.org>
In-reply-to: <[🔎] 20100802223354.GK20968@piotro.eu>
References: <20100625222534.GA3730@piotro.eu> <[🔎] 20100802204800.GJ20968@piotro.eu> <[🔎] a6207a0c0e722af1800230d51cedeb36.squirrel@adsl.funkybadger.org> <[🔎] 20100802223354.GK20968@piotro.eu>

On Mon, August 2, 2010 18:33, Piotr O&#380;arowski wrote:
> [Adam D. Barratt, 2010-08-03]
>> Have you discussed with the security team whether this is something they
>> believe a DSA should be issued for?
>
> I backported the patch for Debian (stable and unbstable) few hours after
> upstream released new version (didn't know about the issue before) and
> mailed security team few hours later. They suggested to contact release
> team instead.

Thanks.

I've marked the package for acceptance at the next dinstall.

Regards,

Adam

Reply to:

References:
- Re: XSS in paste 1.7.1-1 and 1.7.3.1-1
  - From: Piotr Ożarowski <piotr@debian.org>
- Re: XSS in paste 1.7.1-1 and 1.7.3.1-1
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
- Re: XSS in paste 1.7.1-1 and 1.7.3.1-1
  - From: Piotr Ożarowski <piotr@debian.org>

Prev by Date: Bug#589689: transition to libjack-jackd2-0 breaks many packages
Next by Date: NEW changes in proposedupdates
Previous by thread: Re: XSS in paste 1.7.1-1 and 1.7.3.1-1
Next by thread: Bug#591092: marked as done (nmu: igstk_4.2.0-3)
Index(es):
- Date
- Thread