Simon McVittie
2009-Oct-24 14:59 UTC
[Secure-testing-team] Bug#552235: acidbase: multiple security flaws, needs maintenance or removal?
Package: acidbase Version: 1.3.9-1 Severity: grave Tags: security Justification: user security hole From <http://base.secureideas.net/>:> BASE 1.4.4 (dawn) released! > ... > This release fixes a number of flaws as well as ome security flaws > All users must upgrade as these flaws have existed through numerous releases > of BASE.and> BASE 1.4.3 (gabi) released! > ... > This release fixes a number of XSS flaws as well as a potential SQL > injection flaw.-- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, ''unstable''), (500, ''testing''), (500, ''stable''), (101, ''experimental'') Architecture: i386 (x86_64) Kernel: Linux 2.6.31-trunk-amd64 (SMP w/2 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 793 bytes Desc: Digital signature URL: <http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20091024/20fee934/attachment.pgp>