Hey people, This is just a quick note that Debian is not vulnerable to CVE-2005-3799, "phpBB 2.0.18 allows remote attackers to obtain sensitive information via a large SQL query", since this is a path disclosure vulnerability.
We're working on fixing phpbb for sarge for the other issues at the moment. regards, Thijs
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
