Package: movabletype-plugin-core Version: 4.3.3-1 Severity: important
It looks to me as that the Zemanta plugin that is suggesting content is sending the text of the blog posts to their service. This plugin is *enabled* by default and it was activated only via upgrading. While not everyone uses MovableType just for public texts I find it really not a good choice and as a security problem in a default configuration. -- System Information: Debian Release: 5.0.4 APT prefers stable APT policy: (800, 'stable'), (700, 'testing'), (600, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-686 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages movabletype-plugin-core depends on: ii libclass-accessor-perl 0.31-2 Automated accessor generator ii libhtml-entities-numbered- 0.04-1 Conversion of numbered HTML entiti ii libhtml-parser-perl 3.56-1+lenny1 A collection of modules that parse ii libjson-perl 2.07-1 Perl module to parse and convert t ii libtext-textile-perl 2.03-2 formats text using a simple style ii libwww-perl 5.813-1 WWW client/server library for Perl ii libxml-sax-perl 0.16+dfsg-3 Perl module for using and building ii perl-modules 5.10.1-11 Core Perl modules movabletype-plugin-core recommends no packages. movabletype-plugin-core suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
