[Bug 740142] Re: persistent xss vector in (unescaped) filenames in revision views

Thu, 24 Mar 2011 23:11:50 -0700 

This bug was fixed in the package loggerhead - 1.17-0ubuntu1.1

---------------
loggerhead (1.17-0ubuntu1.1) karmic-security; urgency=low

  * SECURITY UPDATE: Cross-site scripting vulnerabilities by crafted branch
    contents. (LP: #740142)
    - debian/patches/bug-740142.diff: improve escaping of filenames.
    - CVE-2011-0728
 -- William Grant <william.gr...@canonical.com>   Thu, 24 Mar 2011 14:01:44 
+1100

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/740142

Title:
  persistent xss vector in (unescaped) filenames in revision views

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to