I've prepared a patch/NMU using the patch I uploaded to fix this in Ubuntu.
--
William Grant
diff -u htdig-3.2.0b6/htsearch/Display.cc htdig-3.2.0b6/htsearch/Display.cc
--- htdig-3.2.0b6/htsearch/Display.cc
+++ htdig-3.2.0b6/htsearch/Display.cc
@@ -138,7 +138,7 @@
// Must temporarily stash
Package: htdig
Version: 1:3.2.0b6-3.1
Severity: important
Tags: security
Hi
The following CVE[0] has been issued against htdig.
CVE-2007-6110:
Cross-site scripting (XSS) vulnerability in htsearch in htdig 3.2.0b6
allows remote attackers to inject arbitrary web script or HTML via the
sort parame
2 matches
Mail list logo
