Package: gforge Version: 3.1-31 Severity: grave Tags: security Justification: user security hole
Hi! The changelog shows no trace that this is fixed: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0299 http://www.securityfocus.com/bid/12318 However, I did not actually check the code; if gforge is vulnerable, please coordinate with the security team. Thanks, Martin -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.11.9 Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) -- Martin Pitt http://www.piware.de Ubuntu Developer http://www.ubuntulinux.org Debian Developer http://www.debian.org
signature.asc
Description: Digital signature
