Hi
Please use CVE-2008-2231 as a reference for this issue.
It should be included in every changelog entry that deals with this issue.
Thanks in advance.
Cheers
Steffen
signature.asc
Description: This is a digitally signed message part.
Hi,
Steffen Joeris schrieb am Wed, Jun 04, 2008 at 11:24:06PM +1000:
> Yes, I am aware that the stable team knows about it.
Oh, ok.
> The issue, however, is unembargoed (and thus public and known)
Of course it is.
> and nothing stops you from uploading fixed packages to unstable.
That's not r
Hi Alex
> the bug is well known to me, there are fixed packages available for
> Etch and Sarge (since at that time Sarge still had security support).
>
> Security Team has been informed about the bug on the day of the
> initial disclosure, but I'm still waiting for them to publish an DSA
> and pub
Processing commands for [EMAIL PROTECTED]:
> tag 484499 + confirmed pending patch etch
Bug#484499: slash: possible SQL injection vulnerability
Tags were: security
Tags added: confirmed, pending, patch, etch
> thanks
Stopping processing here.
Please contact me if you need assistance.
Debi
tag 484499 + confirmed pending patch etch
thanks
Hi,
the bug is well known to me, there are fixed packages available for
Etch and Sarge (since at that time Sarge still had security support).
Security Team has been informed about the bug on the day of the
initial disclosure, but I'm still waiting
Package: slash
Severity: grave
Tags: security
Justification: user security hole
Hi
A possible SQL injection vulnerability was discovered in slash.
The vulnerability was an SQL injection. Its effect was to allow a user
with no special authorization to read any information from any table the
Slash
6 matches
Mail list logo