Package: roundup Severity: important Tags: security patch Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for roundup.
CVE-2008-1474[0]: | Multiple unspecified vulnerabilities in Roundup before 1.4.4 have | unknown impact and attack vectors. Patches on: http://sourceforge.net/mailarchive/forum.php?thread_name=E1JVMv3-0004gf-J2%40sc8-pr-cvs9.sourceforge.net&forum_name=roundup-checkins http://sourceforge.net/mailarchive/forum.php?thread_name=E1JVMv3-0004gs-To%40sc8-pr-cvs9.sourceforge.net&forum_name=roundup-checkins http://sourceforge.net/mailarchive/forum.php?thread_name=E1JVMv3-0004gr-TW%40sc8-pr-cvs9.sourceforge.net&forum_name=roundup-checkins This looks like some kind of cross-site-scripting to me. If you fix this vulnerability please also include the CVE id in your changelog entry. For further information: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1474 Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgpmZa76AkvUm.pgp
Description: PGP signature
