its stuff like this that just keeps depressing me into not finishing the work i do packaging twiki for debian.
your officiousness is a joy, ta. same sort of thing as when just before the last debian release came out, and some one helpfully filed an un-reproducible RC bug, that didn't happen for anyone else, but no debian developer came out to help. you guys really truly don't want help from people outside your klic do you. Thijs Kinkhorst wrote: >> CVE-2006-1387: "TWiki 4.0, 4.0.1, and 20010901 through 20040904 allows >> remote authenticated users with edit rights to cause a denial of service >> (infinite recursion leading to CPU and memory consumption) via INCLUDE >> by URL statements that form a loop, such as a page that includes >> itself." > > I could look into fixing this, but since twiki has: > > * multiple open security issues without any maintainer response for many > months now, > * plus no maintainer response to the majority of the other open bugs, > * trivial things not fixed, > * never been part of a stable release, > > the best is to just remove it from testing. > > I'm cc'ing MIA since the maintainer doesn't have any visible activity > for over a year. > > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
