Package: twiki Version: 1:4.0.5-9.1 Severity: grave Tags: security Justification: user security hole
TWiki command execution vulnerability found in current version. US-CERT Vulnerability Note: http://www.kb.cert.org/vuls/id/362012 and TWiki Security Alert: http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2008-3195 -- System Information: Debian Release: 4.0 APT prefers oldstable APT policy: (500, 'oldstable'), (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-6-686 Locale: LANG=en_CA, LC_CTYPE=en_CA (charmap=ISO-8859-1) Versions of packages twiki depends on: ii apache-common 1.3.34-4.1+etch1 support files for all Apache webse ii debconf [debconf-2.0] 1.5.11etch2 Debian configuration management sy ii libalgorithm-diff-perl 1.19.01-2 a perl library for finding Longest ii libcgi-session-perl 4.14-1 Persistent session data in CGI app ii libdigest-sha1-perl 2.11-1 NIST SHA-1 message digest algorith ii liberror-perl 0.15-8 Perl module for error/exception ha ii libhtml-parser-perl 3.55-1 A collection of modules that parse ii liblocale-maketext-lexi 0.62-1 Lexicon-handling backends for "Loc ii libtext-diff-perl 0.35-2 Perform diffs on files and record ii liburi-perl 1.35-2 Manipulates and accesses URI strin ii perl [libmime-base64-pe 5.8.8-7etch3 Larry Wall's Practical Extraction ii perl-modules [libnet-pe 5.8.8-7etch3 Core Perl modules ii rcs 5.7-18 The GNU Revision Control System twiki recommends no packages. -- debconf information excluded -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
