[Pkg-trac-devel] trac issues
Luis Matos
gass at otiliamatos.ath.cx
Mon Feb 23 21:27:43 UTC 2009
I think these security advisories are only for the 0.11.x versions, and
not for the 0.10.x versions (from etch).
the fix for the first SA was responsible for the second SA.
if you compare html.py from 0.11.x[0] and 0.10.x[1], they are a lot
different and use a diferent rendering (as in html syntax render) engine
(0.11.x uses genshi).
[0]
http://trac.edgewall.org/browser/trunk/trac/util/html.py?rev=6904#L15
[1]
http://trac.edgewall.org/browser/branches/0.10-stable/trac/util/html.py
thanks
Luis Matos
Seg, 2009-02-23 às 22:02 +1100, Steffen Joeris escreveu:
> Hi
>
> It looks like etch is affected by two trac issues[0][1], which might warrant a
> DSA this time. :)
> Could one of you maybe prepare a debdiff and send it to
> team at security.debian.org to request an upload for oldstable-security?
> I won't get around for this tonight and would appreciate, if one of you could
> work on it too, since I don't use trac.
>
> Cheers
> Steffen
>
> [0]: http://security-tracker.debian.net/tracker/CVE-2008-5646
>
> [1]: http://security-tracker.debian.net/tracker/CVE-2008-5647
> _______________________________________________
> Pkg-trac-devel mailing list
> Pkg-trac-devel at lists.alioth.debian.org
> http://lists.alioth.debian.org/mailman/listinfo/pkg-trac-devel
More information about the Pkg-trac-devel
mailing list