subject:"Bug#319315\: tdiary\: JVN#60776919 Cross Site Request Forgeries, CSRF"

Bug#319315: tdiary: JVN#60776919 Cross Site Request Forgeries, CSRF

2005-07-23 Thread Daigo Moriwaki

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 > Upstream security release against CSRF attack. English announcement is available: http://sourceforge.net/forum/forum.php?forum_id=482743 This has been fixed in unstable, tdiary 2.0.2. This is not fixed in stable yet. I sent a mail to security tea

Bug#319315: tdiary: JVN#60776919 Cross Site Request Forgeries, CSRF

2005-07-20 Thread Kazuhiro NISHIYAMA

Package: tdiary Version: 2.0.1-1 Severity: grave Justification: user security hole Upstream security release against CSRF attack. -- System Information: Debian Release: 3.1 Architecture: i386 (i686) Kernel: Linux 2.6.9 Locale: LANG=ja_JP.eucJP, LC_CTYPE=ja_JP.eucJP (charmap=EUC-JP) Versions of p