This bug was fixed in the package gnatsweb - 4.00-1ubuntu0.7.04
--------------- gnatsweb (4.00-1ubuntu0.7.04) feisty-security; urgency=low
* SECURITY UPDATE: + gnatsweb.pl (LP: #191196) - Fixed missing escaping of the database parameter which leads to a cross-site scripting vulnerability (XSS) via this parameter (CVE-2007-2808). + debian/control - Switch Maintainer to Ubuntu MOTU Developers * References: + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2808 + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=427156
-- Emanuele Gentili <email address hidden> Fri, 29 Feb 2008 03:40:07 +0100
This bug was fixed in the package gnatsweb - 4.00-1ubuntu0.7.04
--------------- 7.04) feisty-security; urgency=low
gnatsweb (4.00-1ubuntu0.
* SECURITY UPDATE: cve.mitre. org/cgi- bin/cvename. cgi?name= CVE-2007- 2808 bugs.debian. org/cgi- bin/bugreport. cgi?bug= 427156
+ gnatsweb.pl (LP: #191196)
- Fixed missing escaping of the database parameter which leads
to a cross-site scripting vulnerability (XSS) via this
parameter (CVE-2007-2808).
+ debian/control
- Switch Maintainer to Ubuntu MOTU Developers
* References:
+ http://
+ http://
-- Emanuele Gentili <email address hidden> Fri, 29 Feb 2008 03:40:07 +0100