[pkg-horde] Bug#837150: Fix XSS with data:html links and form actions

Salvatore Bonaccorso carnil at debian.org
Thu Mar 9 14:29:31 UTC 2017


On Fri, Sep 09, 2016 at 11:08:55AM +0200, Mathieu Parent wrote:
> Will upload lastest version to sid shortly, and I plan to fix this in
> jessie too.

Do you still plan to work on the jessie update as well? I would tend
to mark this (CVE-2016-5303, #837150) as no-dsa and propose to fix it
via an upcoming point release.


More information about the pkg-horde-hackers mailing list