On Fri, January 6, 2006 06:48, Igor Genibel wrote:
> Please read the bugs filled against wnpp concerning mantis. It is already
> adopted and uploaded.
Good to hear that. Especially with those vulnerabilities it's good when
there's an active maintainer.
BTW, are you considering of moving the data
* Igor Genibel <[EMAIL PROTECTED]> [2006-01-04 14:40:19 +0100]:
> * Moritz Muehlenhoff <[EMAIL PROTECTED]> [2005-12-30 05:02:37 +0100]:
>
> > Package: mantis
> > Severity: grave
> > Tags: security
> > Justification: user security hole
>
> Hi all,
>
> I'm just taking over this package. I current
* Moritz Muehlenhoff <[EMAIL PROTECTED]> [2005-12-30 05:02:37 +0100]:
> Package: mantis
> Severity: grave
> Tags: security
> Justification: user security hole
Hi all,
I'm just taking over this package. I currently working on new upload.
Please, be a little bit more patient :)
--
Igor Genibel
Moritz Muehlenhoff <[EMAIL PROTECTED]> writes:
> Hilko Bengen wrote:
>> Thijs Kinkhorst <[EMAIL PROTECTED]> writes:
>>
>> > If/when I'll upload to unstable I'll orphan the package, unless Hilko
>> > wants to keep on maintaining it for now.
>>
>> Have said vulnerabilities been fixed in 0.19.4? If
Hilko Bengen wrote:
> Thijs Kinkhorst <[EMAIL PROTECTED]> writes:
>
> > If/when I'll upload to unstable I'll orphan the package, unless Hilko
> > wants to keep on maintaining it for now.
>
> Have said vulnerabilities been fixed in 0.19.4? If yes, I suppose I
> could do a quick uploead for unstabl
On Fri, 2005-12-30 at 05:02 +0100, Moritz Muehlenhoff wrote:
> Lots of vulnerabilites have yet again been found in Mantis:
Since I've taken care of the previous round of vulnerabilities, I'll
take a look to see what I can do here, but provide no guarantees at this
point.
> [Hilko, in another bug
Thijs Kinkhorst <[EMAIL PROTECTED]> writes:
> If/when I'll upload to unstable I'll orphan the package, unless Hilko
> wants to keep on maintaining it for now.
Have said vulnerabilities been fixed in 0.19.4? If yes, I suppose I
could do a quick uploead for unstable.
No, I do not want to keep main
Package: mantis
Severity: grave
Tags: security
Justification: user security hole
Lots of vulnerabilites have yet again been found in Mantis:
CVE-2005-4524:
Notes on private bugs may be leaked.
CVE-2005-4523:
Private bugs may be leaked through RSS feeds.
CVE-2005-4522:
XSS in view_filters_pa
8 matches
Mail list logo
