[Secure-testing-team] Bug#781414: Embedded code copies
David Prévot
taffit at debian.org
Sat Mar 28 22:10:43 UTC 2015
Package: collabtive
Version: 2.0+dfsg-5
Severity: important
Tags: security
Hi Gunnar,
I just noticed that the collabtive package embeds its own copy of (at
least) HTMLPurifier (as available in the php-htmlpurifier package) and
phpseclib (as available in the php-seclib package).
It looks like most existing PHP classes used as dependencies are
currently symlinked. You may consider including them from where they
belong instead.
Regards
David
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20150328/07edf4ad/attachment.sig>
More information about the Secure-testing-team
mailing list