This bug was fixed in the package loggerhead - 1.17+bzr424-1ubuntu1.1
---------------
loggerhead (1.17+bzr424-1ubuntu1.1) maverick-security; urgency=low
* SECURITY UPDATE: Cross-site scripting vulnerabilities by crafted branch
contents. (LP: #740142)
- debian/patches/bug-740142.diff: improve escaping of filenames.
- CVE-2011-0728
-- William Grant <william.gr...@canonical.com> Thu, 24 Mar 2011 13:20:04
+1100
** Changed in: loggerhead (Ubuntu Maverick)
Status: New => Fix Released
** Changed in: loggerhead (Ubuntu Lucid)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/740142
Title:
persistent xss vector in (unescaped) filenames in revision views
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
