> http://listes.cru.fr/mantis/view_bug_advanced_page.php?f_id=0000327
This apparently refers to 4.1.2. 4.1.5 is now in Debian, and 5.0.1 is
released by upstream.
5.x uses a new templating system, so this problem may have been solved
by this. In addition, the NEWS[2] entry for 4.2b.3 (13 August 2004) has the
following:
Bug fixes :
[..]
wwsympa/: wwsympa.fcgi: [reported by J.Koret] Fix an XSS vulnerability
According to bugtraq[1], this was reported by Jose Antonio
<joxeankoret () yahoo ! es> .. I suspect this is "J.Koret". If that is
correct, then this problem is fixed in 4.2b and above.
[1]:
http://marc.theaimsgroup.com/?l=bugtraq&m=109312475207604&w=2
[2]:
Seen here: http://www.sympa.org/distribution/sympa-5.1b/NEWS
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
