Package: python-cjson Version: 1.0.5-1 Severity: important Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for python-cjson.
CVE-2009-4924[0]: | Dan Pascu python-cjson 1.0.5 does not properly handle a ['/'] argument | to cjson.encode, which makes it easier for remote attackers to conduct | certain cross-site scripting (XSS) attacks involving Firefox and the | end tag of a SCRIPT element. If you fix the vulnerability please also make sure to include the CVE id in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4924 http://security-tracker.debian.org/tracker/CVE-2009-4924 _______________________________________________ Python-modules-team mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/python-modules-team
