Hi,
it's 135 days since the bug report was filed, it has a patch attached, it
is a bug classified as 'serious', still I see no progress.. I don't want
to hurt anyone, but with this approach I fear that TWiki will miss the
next stable release as well.. :-(
I can offer some help if you accept it (I
its stuff like this that just keeps depressing me into not finishing the
work i do packaging twiki for debian.
your officiousness is a joy, ta.
same sort of thing as when just before the last debian release came out,
and some one helpfully filed an un-reproducible RC bug, that didn't
happen for a
> CVE-2006-1387: "TWiki 4.0, 4.0.1, and 20010901 through 20040904 allows
> remote authenticated users with edit rights to cause a denial of service
> (infinite recursion leading to CPU and memory consumption) via INCLUDE
> by URL statements that form a loop, such as a page that includes
> itself."
Package: twiki
Severity: important
Tags: patch
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
CVE-2006-1387: "TWiki 4.0, 4.0.1, and 20010901 through 20040904 allows
remote authenticated users with edit rights to cause a denial of service
(infinite recursion leading to CPU and memory consumption) v
4 matches
Mail list logo
