[pkg-horde] Bug#837151: Bug#837150: Fix XSS with data:html links and form actions
Mathieu Parent
math.parent at gmail.com
Thu Mar 9 14:39:46 UTC 2017
2017-03-09 15:29 GMT+01:00 Salvatore Bonaccorso <carnil at debian.org>:
> Hello!
Hello Salvatore,
> On Fri, Sep 09, 2016 at 11:08:55AM +0200, Mathieu Parent wrote:
>> Will upload lastest version to sid shortly, and I plan to fix this in
>> jessie too.
>
> Do you still plan to work on the jessie update as well? I would tend
> to mark this (CVE-2016-5303, #837150) as no-dsa and propose to fix it
> via an upcoming point release.
No. Unfortunately, I won't have time.
Same for #837148, #837149 and #8371451.
Cheers,
--
Mathieu
More information about the pkg-horde-hackers
mailing list