tag 453500 pending
thanks
* Emilio Pozuelo Monfort <[EMAIL PROTECTED]> [2007-11-29 22:42:26 CET]:
> Versions prior to 1.2.7 are affected by a exploit which permits to view the
> content of files in the remote computer.
No, prior to 1.2.8 and development branches prior to 1.3.12 (not yet
released). 1.2.7 is affected aswell.
> This is CVE-2007-5742.
... which I am pretty well aware of because it was me who requested a
CVE ID for the issue. ;)
The upload of 1.2.8 to unstable is sitting in the NEW queue to your
requested addition of the wesnoth-all package, uploads for
{old,}stable-security have been prepared and are waiting on the buildds
in the meantime, too.
> See:
Am extremely well aware of it, you can be assured of that. Just in
case, the turn_cmd removal problem won't make it through the security
update, I'll try to get it through stable-proposed-updates. Furthermore,
your version header was b0rked, there is no 1.2.7-2 version. But I'll
have to versionize the bug properly anyway, so no worries.
So long,
Rhonda
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
