On Wed, Jun 20, 2012 at 03:30:21PM +0000, Daniel Pocock wrote:
> - impact of the bug (e.g. security risk? completely non-functional?)
I don't know; openid-consent.js seems to contain a security warning
triggered in some conditions ("fraudulent webiste"), so possibly that
warning will not come when it should; this would be a security bug.
It does not make SimplID completely non-functional. It works.
> - workaround attempted (renaming or correcting page.inc)?
No.
> - symptoms of the bug - did anything unusual happen that caused you to
> notice this?
No, but see above for my theory.
> On 20/06/12 14:27, Lionel Elie Mamane wrote:
> > Package: simpleid
> > Version: 0.8.1-10
> > Severity: normal
> >
> > In /usr/share/simpleid/www/page.inc:
> >
> > $xtpl->assign('javascript', '<script src="' . get_base_path() .
> > 'html/consent.js" type="text/javascript"></script>');
> >
> > but:
> >
> > $ ls /usr/share/simpleid/www/html/consent.js
> > ls: cannot access /usr/share/simpleid/www/html/consent.js: No such file or
> > directory
> >
> > However,
> >
> > $ ls /usr/share/simpleid/www/html/openid-consent.js
> > /usr/share/simpleid/www/html/openid-consent.js
> >
> >
> > Maybe *that* file was meant?
> >
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
