CC-ing the security team as suggested on #debian. Explanation: this security related bug in XML_RPC, part of php4-pear package, has been closed by an upload to unstable, but the version in sarge is still affected.
Quoting Zoran Dzelajlija ([EMAIL PROTECTED]): > Hi, any word of a sarge release to cover CAN-2005-1921 and, to kill two > flies, the new XML_RPC bug CAN-2005-2498? I've applied Ubuntu's > patches for both to a local build without much hassle... > > Also, is there some user-friendly documentation aobut the new BTS > features (found vs. tagging for sarge)? Should this bug be reopened > until sarge gets a fix for these vulnerabilities? > > Regards, > Zoran -- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
