Thijs Kinkhorst wrote: > > > CVE-2006-3320: "Cross-site scripting (XSS) vulnerability in command.php > > in SiteBar 3.3.8 and earlier allows remote attackers to inject arbitrary > > web script or HTML via the command parameter." > > I've already fixed this by NMU in unstable. I've also prepared an > updated package for stable - question is if the security team wants to > release an advisory for this and if this package is ok. See attachment. > > Let me know, if it's ok I'll upload it to stable-security.
Please adjust the distribution to stable-security and the urgency to high, then proceed. Regards, Joey -- Let's call it an accidental feature. -- Larry Wall Please always Cc to me when replying to me on the lists. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]