I've just downloaded the WebSVN 2.1 tarball and it is not vulnerable for
this issue. Therefore, reporting to upstream doesn't make any sense...

However, WebSVN 2.0 will appear in Lenny. I think the fix should be
backported to 2.0 or Lenny should contain WebSVN 2.1.



-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Reply via email to