Package: tdiary Severity: grave Tags: security patch Version: 2.0.1-1sarge1 2.0.2+20060303-5
Hi Daigo, You know, XSS issue was found in tdiary. It has already been fixed in unstable and testing but oldstable and stable is not fixed yet. see http://www.tdiary.org/20071215.html (in Japanese) It says 2.0.x has its bug and we can get patches for 2.0.x as http://tdiary.cvs.sourceforge.net/tdiary/core/skel/category.rhtml?view=markup&pathrev=Stable-2_0 http://tdiary.cvs.sourceforge.net/tdiary/plugin/category.rb?revision=1.21.2.3&view=markup&pathrev=Stable-2_0 Please check and apply those patches. And upstream says "we will close maitainance for tdiary 2.0.x" so maybe we should bump up its package version, next time. -- Regards, Hideki Yamane -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
