On Wed, Nov 17, 2010 at 11:51:47PM +0300, Sergei Golovan wrote:
> On Wed, Nov 17, 2010 at 11:34 AM, Sergei Golovan wrote:
> >
> > So, I'm closing this bug and will notify YAWS authors shortly.
> >
>
> The YAWS author has fixed this bug in git repository. I don't think
> that it's necessary
> to a
On Wed, Nov 17, 2010 at 11:34 AM, Sergei Golovan wrote:
>
> So, I'm closing this bug and will notify YAWS authors shortly.
>
The YAWS author has fixed this bug in git repository. I don't think
that it's necessary
to apply this patch to YAWS packages in Debian.
https://github.com/klacke/yaws/comm
On Wed, Nov 17, 2010 at 1:06 AM, Moritz Muehlenhoff wrote:
>
> The following vulnerability has been reported in YAWS:
>
> | Directory traversal vulnerability in Yaws 1.89 allows remote attackers
> | to read arbitrary files via ..\ (dot dot backslash) and other
> | sequences.
>
> http://cve.mitre.o
Package: yaws
Severity: grave
Tags: security
The following vulnerability has been reported in YAWS:
| Directory traversal vulnerability in Yaws 1.89 allows remote attackers
| to read arbitrary files via ..\ (dot dot backslash) and other
| sequences.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=
4 matches
Mail list logo
