So it was a mistake that the bug has been closed in the changelog. But I've explained before, that this bug is not a security issue with YUI or any other JS library, but an issue of web applications vulnerable to XSS attacks. I therefor suggest that this bug should be closed. Is there any other idea on how to proceed?
Thomas Koch, http://www.koch.ro -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org