Hello All, On Thu, 2005-10-27 at 15:49 +0200, Moritz Muehlenhoff wrote: > All affect Sarge.
I've prepared updated packages for sarge. My updated package for sid is still pending with my sponsor Luk Claes. The updated packages for sarge are available here: http://www.a-eskwadraat.nl/~kink/mantis_sec/ They are not signed since I'm not a DD yet. Please let me know if you have comments or questions. Regarding woody: > Woody seems unaffected, but 3337 should be double-checked in a real-life > environment. > which is not present in Woody, but might have an equivalent in 0.17. I > couldn't > find it with grep, but it should again be tested in a production mantis > environment, > as the bug contains a demo page with the XSS. I've tried, but I can't even get the woody version to run on woody... Any login or account-creation step yields errors. Hence, I can't test them, but agree with Moritz assertions that woody is most probably not vulnerable. regards Thijs Kinkhorst
signature.asc
Description: This is a digitally signed message part
