* Peter Eisentraut: >> bug has been reported: >> | Unspecified vulnerability in Walter Zorn wz_tooltip.js (aka >> | wz_tooltips) before 4.01, as used by eGroupWare before 1.2.107-2 and >> | other packages, has unknown impact and remote attack vectors. >> >> <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3154> > > That information is inconsistent in several regards. eGroupWare 1.2.107-2 > and > later still uses wz_tooltips 3.45. And I don't find any information in the > changelog that wz_tooltips 4.01 contains a security fix.
Hmm. I've contacted the author, maybe he can clarify the situation. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
