Package: collabtive Version: 2.0+dfsg-5 Severity: important Tags: security Hi Gunnar,
I just noticed that the collabtive package embeds its own copy of (at least) HTMLPurifier (as available in the php-htmlpurifier package) and phpseclib (as available in the php-seclib package). It looks like most existing PHP classes used as dependencies are currently symlinked. You may consider including them from where they belong instead. Regards David
signature.asc
Description: Digital signature
_______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
