On Thu, October 27, 2005 14:56, Martin Schulze wrote: >> I assume you've prepared packages of 0.19.3? >> This would address the SQL injection issue and the other XSS in >> view_all_set as well, which are both not yet in the BTS. >> >> The latest issues have been assigned CVE-2005-333[6789], BTW. >> > > Do you have an idea which of them affect woody/sarge?
I do about sarge, all of them affect sarge, don't know about woody. I will be preparing an upload for sarge soon, and investigate into woody. Can't promise anything about woody though since the version is very different from the current sarge/sid versions. But I will keep you all posted. Thijs
