Hello, * 2008-03-31 15:40, Nico Golde wrote: > While I agree that the cookie issues and the session id issue is not of > an high impact I still think that at least the CSRF issue should be fixed > cause the exploit scenario has a certain real life importance.
I fully agree, but it seems that upstream is not working on the issue nor providing a patch. I'll try to write to the devel mailing list, but till now I didn't get any useful feedback. Thanks, -- Fabio Tranchitella http://www.kobold.it Free Software Developer and Consultant http://www.tranchitella.it _____________________________________________________________________ 1024D/7F961564, fpr 5465 6E69 E559 6466 BF3D 9F01 2BF8 EE2B 7F96 1564 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
