On Sun, 2007-03-18 at 22:04 +0100, Moritz Muehlenhoff
wrote:> Hi Thijs,
> does this affect Debian''s version [of serendipity]?
Hi Moritz,
According to upstream this is a non-issue: there''s no injection, only
error output showing the query.
http://blog.s9y.org/archives/164-Serendipity-1.1.2-released.html
I propose to consider this CVE as "not relevant" for Debian.
Thijs
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :
http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20070404/d8e48440/attachment.pgp