Bug#415117: [pkg-horde] Bug#415117: imp4: XSS vulnerability in search
screen and thread view
Ola Lundqvist
opal at debian.org
Sun Mar 25 00:11:00 UTC 2007
Thanks a lot! I'm building a package now.
Regards,
// Ola
On Thu, Mar 22, 2007 at 01:14:56PM +0000, Marcos Marado wrote:
> On Thursday 22 March 2007 13:07, Marcos Marado wrote:
> > > Ola Lundqvist <opal at debian.org> wrote:
> > >
> > > Interesting! Will you create a fix for this?
> >
> > I took from the diff between imp-h3-4.1.4-rc1 and imp-h3-4.1.4 a working
> > patch to fix the XSS vulnerability. I'm not really sure if I should submit
> > a patch that would work against imp4_4.1.3-2 (in etch) or against
> > imp4_4.1.3-3 (in sid)... Well, probably it will work against both. I'll
> > send the patch after lunch.
>
> Here's the patch. It was created to be applied against imp4_4.1.3-2. Can I
> help in anything else?
>
> --
> Marcos Marado
> Sonaecom IT
> _______________________________________________
> pkg-horde-hackers mailing list
> pkg-horde-hackers at lists.alioth.debian.org
> http://lists.alioth.debian.org/mailman/listinfo/pkg-horde-hackers
--
--------------------- Ola Lundqvist ---------------------------
/ opal at debian.org Annebergsslingan 37 \
| ola at opalsys.net 654 65 KARLSTAD |
| +46 (0)54-10 14 30 +46 (0)70-332 1551 |
| http://opalsys.net/ UIN/icq: 4912500 |
\ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 /
---------------------------------------------------------------
More information about the pkg-horde-hackers
mailing list