Hi Ola, On Wed, May 04, 2005 at 06:34:51PM +0200, Ola Lundqvist wrote: > Two days ago (if I remember correctly) I uploaded a number > of horde packages that had an cross site scripting vulnerability > in them. As the packages is now frozen I want them to be forced > in to sarge. > The pacakges are: > kronolith, #307170, CAN-2005-1314 > sork-accounts, #307175, CAN-2005-1318 > sork-forwards, #307175, CAN-2005-1318 > sork-vacation, #307174, CAN-2005-1318 > turba, #307179, CAN-2005-1315 > You will notice that all of these uploads are of new upstream > version. The upstream changes is small and in some cases just > contain this fix. All these versions are stable from a upstream > perspective so it should be safe to push them into sarge. All approved. > I have also uploaded a new version of imp4 with a number of > fixes from upstream. If you think that is acceptable it would be > very nice if you could push that in too. But this is up to you > to decide. Not with that explanation. If you have specific fixes you think are important, please give us details about them. Cheers, -- Steve Langasek postmodern programmer
Attachment:
signature.asc
Description: Digital signature