Comment 6 for bug 394290

This bug was fixed in the package trac - 0.11.5-2ubuntu1.1

---------------
trac (0.11.5-2ubuntu1.1) karmic-security; urgency=low

  * SECURITY UPDATE: Multiple unspecified vulnerabilities in Trac
    before 0.11.6 have unknown impact and attack vectors, possibly
    related to (1) "policy checks in report results when using alternate
    formats" or (2) a "check for the 'raw' role that is missing
    in docutils < 0.6." (LP: #394290)
    - debian/patches/21_CVE-2009-4405.dpatch
    - CVE-2009-4405
 -- Artur Rona <email address hidden> Sat, 24 Apr 2010 02:53:57 +0200