[Spip-maintainers] Bug#609212: spip: Cross-Site Scripting and other security issues
Julien Cristau
jcristau at debian.org
Fri Jan 7 13:20:43 UTC 2011
user release.debian.org at packages.debian.org
usertag 609212 squeeze-can-defer
tag 609212 squeeze-ignore
kthxbye
On Fri, Jan 7, 2011 at 08:47:30 -0400, David Prévot wrote:
> Package: spip
> Version: 2.1.1-2
> Severity: grave
> Tags: security upstream patch
> Justification: user security hole
>
> Hi,
>
> Version 2.1.6 released Monday correct various security issues [1].
> According to the changelog [2], these should be addressed by r16879 [3],
> r16880 [4] and r16884 [5].
Can be fixed post release if necessary, not a blocker. If you do
upload a fix to unstable, please use high urgency and let the release
team know.
Cheers,
Julien
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/spip-maintainers/attachments/20110107/d7c72977/attachment.pgp>
More information about the Spip-maintainers
mailing list