Stephen Gran wrote: > Hello all, Thanks a lot for contacting us.
> There is a security bug in webcalendar (#315671 and > http://www.securityfocus.com/bid/14072, for reference). Tim is the > maintainer, but does not yet have a debian account, and cannot upload. > We have a fixed version for sarge ready (patch attached). I am happy to > upload it for Tim, or you could based on the attached patch. Please let > us know which way you want to handle this. Tim is copied on this mail, > please keep both of us in the follow ups. > > There is as yet no CVE, but the bugtraq ID is 14072. I have requested an id. While we're at it, have you checked this vulnerability as well? http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0474 I'll take care of sarge. Regards, Joey -- Whenever you meet yourself you're in a time loop or in front of a mirror. Please always Cc to me when replying to me on the lists. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
