A mantis security update has been released for Debian GNU/Linux
- ------------------------------------------------------------------------- Debian Security Advisory DSA-2308-1 security@debian.org http://www.debian.org/security/ Moritz Muehlenhoff September 12, 2011 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : mantis Vulnerability : several Problem type : remote Debian-specific: no CVE ID : CVE-2011-3357 CVE-2011-3358 Debian Bug : 640297 Several vulnerabilities were found in Mantis, a web-based bug tracking system: Insufficient input validation could result in local file inclusion and cross-site scripting. For the oldstable distribution (lenny), this problem has been fixed in version 1.1.6+dfsg-2lenny6. For the stable distribution (squeeze), this problem has been fixed in version 1.1.8+dfsg-10squeeze1. For the unstable distribution (sid), this problem has been fixed in version 1.2.7-1. We recommend that you upgrade your mantis packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/
This entry was posted
on 3:22 PM
.
Archives
-
▼
2011
(171)
-
▼
September
(30)
- ARM-based vehicle PC has integral touchscreen
- ispCP Omega 1.08 released
- CompatDB Updates 09/26/11
- CentOS-6.0 Continuous Release i386 and x86_64
- MEGATech Guide to Rooting Your Android Device Pa...
- Folks 0.6.3.1
- FCC announces first step toward public testing of ...
- High-end Korean phones feature Android 2.3, cool c...
- Google Wallet launches with Visa, AmEx, and Discover
- Google buys IBM patents as Samsung and Apple trade...
- Atom-based 3.5-inch SBC features touchscreen contr...
- 3 Open Source Web Analytics Tools If You're Not A ...
- Parallel JavaScript will turbo-charge web apps, In...
- Ruggedized industrial box loads up on serial ports
- How To: Change Themes On Ubuntu 11.10
- Linux Foundation sites hacked, but kernel said to ...
- Mantis Security Update for Debian
- XLP II SoC promises up to 20 quad-threaded 2.5GHz ...
- Google sells patents to HTC to fight Apple suit
- CentOS 4 i386 and x86_64 EOL Notice
- How to install MongoDB on ubuntu server
- Mozilla Firefox 6.0.2 Update for openSUSE 11.4
- Tiny home theater PC offers IR receiver, remote
- Troubleshooting common Xen problems
- Debian / Ubuntu Linux: Configure Network Bonding
- August has been the craziest tech month ever
- Ubuntu 11.10 beta gives Software Center a Mac-like...
- Atom-powered industrial PC offers choice of expans...
- Linux-ready 4G base-station SoCs begin sampling
- Android conference announces speakers
-
▼
September
(30)