[Pkg-mediawiki-devel] [php-geshi] New Upstream Release 1.0.8.8
Benny Baumann
BenBE at geshi.org
Mon May 24 19:22:32 UTC 2010
Hi guys,
please package the recent GeSHi 1.0.8.8 release.
http://qbnz.com/highlighter/news.php?id=127
And since you skipped about half a year:
http://qbnz.com/highlighter/news.php?id=126 (1.0.8.7)
http://qbnz.com/highlighter/news.php?id=125 (1.0.8.6)
http://qbnz.com/highlighter/news.php?id=124 (1.0.8.5)
For any questions, just ask.
Well, two some other points I just noticed:
Regarding the following issue:
http://security-tracker.debian.org/tracker/CVE-2008-5185
Only one particular release was vulnerable (1.0.7.22), more details on
my blog at http://blog.benny-baumann.de/ (and follow-ups). Thus 1.0.7.14
is not affected by the XML problem. So please close that one already ;-)
And as we are with oldstable:
http://security-tracker.debian.org/tracker/CVE-2008-5186
WHY hasn't this been patched for oldstable after about two years. The
patch I did for this (and supplied downstream) applies to all previous
versions without problems as that function hasn't been touched in ages.
Regards,
BenBE.
Note: I'm not subscribed, thus please CC on answers. TIA.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-mediawiki-devel/attachments/20100524/28a14ced/attachment-0001.pgp>
More information about the Pkg-mediawiki-devel
mailing list