Bug#415117: [pkg-horde] Bug#415117: imp4: XSS vulnerability in search
screen and thread view
Marcos Marado
Marcos.Marado at sonae.com
Thu Mar 22 14:14:56 UTC 2007
On Thursday 22 March 2007 13:07, Marcos Marado wrote:
> > Ola Lundqvist <opal at debian.org> wrote:
> >
> > Interesting! Will you create a fix for this?
>
> I took from the diff between imp-h3-4.1.4-rc1 and imp-h3-4.1.4 a working
> patch to fix the XSS vulnerability. I'm not really sure if I should submit
> a patch that would work against imp4_4.1.3-2 (in etch) or against
> imp4_4.1.3-3 (in sid)... Well, probably it will work against both. I'll
> send the patch after lunch.
Here's the patch. It was created to be applied against imp4_4.1.3-2. Can I
help in anything else?
--
Marcos Marado
Sonaecom IT
-------------- next part --------------
A non-text attachment was scrubbed...
Name: imp-XSS-fix.patch
Type: text/x-diff
Size: 4155 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-horde-hackers/attachments/20070322/f1712bc2/imp-XSS-fix.bin
More information about the pkg-horde-hackers
mailing list