[Secure-testing-team] Bug#726284: xhprof: XSS (no CVE yet)

Moritz Muehlenhoff jmm at inutil.org
Mon Oct 14 05:18:21 UTC 2013

Previous message: [Secure-testing-team] Bug#726093: python-scipy: CVE-2013-4251: weave /tmp and current directory issues
Next message: [Secure-testing-team] iLike tech/apple parts wholesale
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Package: xhprof
Severity: grave
Tags: security
Justification: user security hole

Hi,
fixed in 0.9.4: http://pecl.php.net/package-changelog.php?package=xhprof&release=0.9.4
http://www.openwall.com/lists/oss-security/2013/10/14/1

Cheers,
        Moritz

Previous message: [Secure-testing-team] Bug#726093: python-scipy: CVE-2013-4251: weave /tmp and current directory issues
Next message: [Secure-testing-team] iLike tech/apple parts wholesale
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Secure-testing-team mailing list