On 05.06.2010 15:00, Xavier Brochard wrote:
Package: lxr-cvs
Version: 0.9.5+cvs20071020-1
Severity: serious
Tags: security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
--- Please enter the report below this line. ---
Please update lxr-cvs to the new stable version. The new version 0.9.8 of
lxrng fix several cross-site scripting vulnerabilities (CVE-2009-4497) reported
in bug #575745
The new version was published 2010-01-15 on
http://sourceforge.net/projects/lxr/
Yes, I'll push the security fix.
Note that the new upstream version is not a releasable
version: it was an alpha version with the security fix added,
but still it is not really working.
ciao
cate
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
