XSS in gallery, what's the status?

To: debian-security@lists.debian.org
Subject: XSS in gallery, what's the status?
From: Martin Lohmeier <martin@mein-horde.de>
Date: Sun, 02 Jul 2006 12:58:48 +0200
Message-id: <[🔎] 44A7A6E8.6000202@mein-horde.de>

Hi,

this week I noticed that gallery contain an XSS [1] that is still
unfixed in sarge. I was reported in August 2005 (!). The maintainer
mentioned that he forwarded a patch to the security team.

So my question is: what's blocking the security update?

bye, Martin

[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=325285
-- 

Powered by Debian GNU / Linux

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to:

debian-security@lists.debian.org
Martin Lohmeier (on-list)
Martin Lohmeier (off-list)

Prev by Date: Re: No kernel update yet?
Next by Date: Asking for testers of Bastille 3.0.9
Previous by thread: Page listing DSAs (was: Re: No kernel update yet?)
Next by thread: Asking for testers of Bastille 3.0.9
Index(es):
- Date
- Thread