Ping! Peng? What's with this BR? Maybe a CVE is now worth to package a new version?
[1] says: "...Among many fixes since v1.7.3.3, it contains a fix to a recently discovered XSS vulnerability in Gitweb (CVE 2010-3906). A backport to an earlier maintenance track 1.6.6.3 is available (replace 1.7.3.4 with 1.6.6.3 above)..." - Sedat - [1] http://lkml.org/lkml/2010/12/16/11 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
