Bug#340583: CVE-2005-3745: Cross-Site-Scriping vulnerability
Package: libstruts1.2-java Severity: grave Tags: security Justification: user security hole A Cross-Site-Scriping vulnerability has been found in the request handler for generating error messages. Please see http://www.securityfocus.com/archive/1/archive/1/417296/30/0/threaded for more details. It's been fixed upstream in 1.2.8. This has been assigned CVE-2005-3745, please mention it in the changelog when fixing it. Cheers, Moritz -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.14-2-686 Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15) ___ pkg-java-maintainers mailing list pkg-java-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/pkg-java-maintainers
Bug#340582: CVE-2005-3747: Incorrect input validation of HTTP requests
Package: jetty Version: 5.1.5rc1-6 Severity: grave Tags: security Justification: user security hole An input validation error when processing HTTP requests containing specially crafted characters can be exploited to display the source code of Java Server pages instead of an expected HTML response. Please see http://www.frsirt.com/english/advisories/2005/2515 for details. It's fixed upstream in 5.1.6. This has been assigned CVE-2005-3747, please mention it in the changelog when fixing it. Cheers, Moritz -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.14-2-686 Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15) ___ pkg-java-maintainers mailing list pkg-java-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/pkg-java-maintainers
das etwas andere Fest
Title: Weihnachten und Neujahr Gönnen Sie sich über Weihnachten und Neujahretwas ganz besonderes: einen Kurzurlaub mit Skilaufen in den Bergenund (und - nicht oder) Baden am Strand dazu eine tolle Sylvesterfeier hier anklicken eMail ___ pkg-java-maintainers mailing list pkg-java-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/pkg-java-maintainers
concurrent-dfsg 1.3.4-1 MIGRATED to testing
FYI: The status of the concurrent-dfsg source package in Debian's testing distribution has changed. Previous version: (not in testing) Current version: 1.3.4-1 -- This email is automatically generated. See http://people.debian.org/~henning/trille/ for more information. ___ pkg-java-maintainers mailing list pkg-java-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/pkg-java-maintainers