registry team mailing list archive

Thread
Date

[Bug 212196] Re: [CVE-2008-1468] XSS vulnerability via UTF-7 encoded input

To: registry@xxxxxxxxxxxxxxxxxxx
From: Scott Howard <showard314@xxxxxxxxxx>
Date: Fri, 17 Sep 2010 16:24:47 -0000
Reply-to: Bug 212196 <212196@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Fixed in karmic:

namazu2 (2.0.18-0.1) unstable; urgency=high

  * Non-maintainer upload to fix a security issue and pending l10n issues.
  * New upstream release. Fixes CVE-2008-1468
    (allows remote attackers to inject arbitrary web script or HTML via
     UTF-7 encoded input). Closes: #472644
  * Fix the package description wrt availability of chasen
    Closes: #152873
  * Fix packages' synopsis. Closes: #173006, #245404
  * Debconf translations:
    - Dutch. Closes: #415497
    - Portuguese. Closes: #416825
    - Finnish. Closes: #472914
    - Galician. Closes: #475591
    - Basque. Closes: #475608
    - Russian. Closes: #476443
  * [Lintian] Move libnmz7-dev to section "libdevel"
  * [Lintian] Remove cruft from dh-make: debian/ex.doc-base.package
  * [Lintian] No longer ignore errors from "make distclean"
  * [Lintian] Set debhelper compatibility level in debian/compat
  * [Lintian] Don't use $(PWD) in debian/rules, nor the "CWD=$(shell pwd)"
    trick previously used. Use $(CURDIR) instead.
  * [Lintian] List "tk8.3" as first alternative before wish virtual package
  * Replace "debconf | debconf2.0" by "${misc:Depends}" in dependencies

 -- Ubuntu Archive Auto-Sync <archive@xxxxxxxxxx>   Fri,  02 May 2008
02:19:59 +0100

** Changed in: namazu2 (Ubuntu)
       Status: Confirmed => Fix Released

-- 
[CVE-2008-1468] XSS vulnerability via UTF-7 encoded input
https://bugs.launchpad.net/bugs/212196
You received this bug notification because you are a member of Registry
Administrators, which is the registrant for Debian.