Package: roundup Version: 1.4.4 Severity: grave Tags: security Justification: user security hole
I see that there isn't a fix for Debian for this bug: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1475 http://sourceforge.net/tracker/index.php?func=detail&aid=1907211&group_id=31577&atid=402788 Apparently, the Debian version is thus vulnerable. -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.24-1-amd64 (SMP w/1 CPU core) Locale: LANG=es_CL.utf8, LC_CTYPE=es_CL.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
