Re: phppgadmin multiple XSS (CVE-2011-3598)

To: Moritz Muehlenhoff <jmm@inutil.org>
Cc: 644290@bugs.debian.org, team@security.debian.org, debian-release@lists.debian.org
Subject: Re: phppgadmin multiple XSS (CVE-2011-3598)
From: Christoph Berg <myon@debian.org>
Date: Thu, 5 Jan 2012 10:00:43 +0100
Message-id: <[🔎] 20120105090043.GA5313@msgid.df7cb.de>
Mail-followup-to: Christoph Berg <myon@debian.org>, Moritz Muehlenhoff <jmm@inutil.org>, 644290@bugs.debian.org, team@security.debian.org, debian-release@lists.debian.org
In-reply-to: <20120104171956.GA4503@inutil.org>
References: <20111010082735.GA22252@msgid.df7cb.de> <20120104171956.GA4503@inutil.org>

Re: Moritz Muehlenhoff 2012-01-04 <20120104171956.GA4503@inutil.org>
> > > Can you also assess whether (old)stable are affected, and if so, provide
> > > packages? If not (affected or able), do let us know aswell.
> > > 
> > > In any case, please mention CVE-2011-3598 in your changelogs.
> > 
> > https://secunia.com/advisories/46248/ says "prior versions" are
> > affected, so yes.
> > 
> > The relevant diff parts are:
> 
> Apparently this fell through the cracks. :-/
> 
> The impact of this issue is rather minor. Could you please fix this in 
> the upcoming 6.0.4 point release for Squeeze?
> http://www.debian.org/doc/manuals/developers-reference/pkgs.html#upload-stable

Hi,

I'm not sure I still have the squeeze/lenny packages I uploaded to
security-master. Could you push them to ftp-master?

Christoph
-- 
cb@df7cb.de | http://www.df7cb.de/

Attachment: signature.asc
Description: Digital signature

Reply to:

Follow-Ups:
- Re: phppgadmin multiple XSS (CVE-2011-3598)
  - From: Moritz Mühlenhoff <jmm@inutil.org>

Prev by Date: Re: [SRM] krb5 changelog missing CVE
Next by Date: Bug#652650: ImageMagick transition
Previous by thread: Uploading linux-2.6 (3.1.8-1)
Next by thread: Re: phppgadmin multiple XSS (CVE-2011-3598)
Index(es):
- Date
- Thread