** Patch added: "htmlpurifier_400_fixes.patch" http://launchpadlibrarian.net/50413505/htmlpurifier_400_fixes.patch
** Description changed: Binary package hint: php-htmlpurifier - From the HTML Purifier 4.1.0 release announcement: + From the HTML Purifier 4.1.1 release announcement: - "HTML Purifier 4.1 is a major security release that fixes an XSS - vulnerability exploitable on Internet Explorer." + "HTML Purifier 4.1.1 is a major security and bugfix release that + improves on 4.1's fix for an XSS vulnerability exploitable on Internet + Explorer." I couldn't find a CVE number or any details as to what this is. All I got was this: - http://secunia.com/advisories/39613/ + http://secunia.com/advisories/39613/ - For lucid, I think the easiest fix would be to sync with the latest - version (4.1.0) from Debian or Maverick. - - For karmic, I'm not sure what the best solution is. + Both karmic and lucid are affected by this problem. -- XSS in HTML purifier 3.0.0 and 4.0.0 https://bugs.launchpad.net/bugs/582576 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
