Package: gforge Version: 3.1-31 Severity: important Tags: security Hi Roland!
http://marc.theaimsgroup.com/?l=bugtraq&m=112259845904350&w=2 describes two vulns in GForge 4.5: Multiple cross-site scripting (CAN-2005-2430) and mail bomb (CAN-2005-2431). Can you please check whether 3.1 is also affected by these? I left the severity at important since I did not check myself. Please raise as appropriate. Please also add the CAN numbers to the changelog if you fix this. Thanks and have a nice day, Martin -- Martin Pitt http://www.piware.de Ubuntu Developer http://www.ubuntu.com Debian Developer http://www.debian.org
signature.asc
Description: Digital signature
