* SECURITY UPDATE: Cross-site scripting via crafted sort type. (LP: #172277)
* htsearch/Display.cc, libhtdig/ResultFetch.cc: Don't display the sort type
if it is unrecognised.
* References:
CVE-2007-6110
-- William Grant <email address hidden> Sat, 01 Dec 2007 18:21:48 +1100
htdig (1:3.2. 0b6-3.1ubuntu0. 1) gutsy-security; urgency=low
* SECURITY UPDATE: Cross-site scripting via crafted sort type. (LP: #172277) Display. cc, libhtdig/ ResultFetch. cc: Don't display the sort type
* htsearch/
if it is unrecognised.
* References:
CVE-2007-6110
-- William Grant <email address hidden> Sat, 01 Dec 2007 18:21:48 +1100