Martin Pitt wrote: > The changelog shows no trace that this is fixed: > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0299 > http://www.securityfocus.com/bid/12318 > > However, I did not actually check the code; if gforge is vulnerable, > please coordinate with the security team.
gforge (3.1-26) unstable; urgency=high
* Disabled controller.php and controlleroo.php because of security
risks, hence the high urgency upload (closes: #291718).
-- Roland Mas <[EMAIL PROTECTED]> Sun, 23 Jan 2005 12:59:25 +0100
This bug should be closed, unless we also want to fix the security hole in
the disabled files. Which is probably a good idea on general principles,
but not a reason for the bug to stay RC anyway.
--
see shy jo
signature.asc
Description: Digital signature
