Re: [RHSA-2001:162-04] Updated namazu packages are available

From: NOKUBI Takatsugu (knokat_private)
Date: Wed Dec 26 2001 - 22:45:57 PST

Next message: EnGarde Secure Linux: "[ESA-20011227-01] stunnel format string vulnerability"

Previous message: Marc Maiffret: "RE: Too much misleading advice on the Universal Plug-and-Play security hole"
In reply to: bugzillaat_private: "[RHSA-2001:162-04] Updated namazu packages are available"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In article <200112250305.fBP35Wr26855at_private>
bugzillaat_private writes:

>> 3. Problem description:
>> 
>> namazu may inadvertently include malicious HTML tags or script in a
>> dynamically generated page based on unvalidated input from untrustworthy
>> sources.

The issue is still exist on Namazu 2.0.9... Namazu Project was
released 2.0.10, I recomment to use it.
-- 
NOKUBI Takatsugu
E-mail: knokat_private
	knokat_private / knokat_private

Next message: EnGarde Secure Linux: "[ESA-20011227-01] stunnel format string vulnerability"
Previous message: Marc Maiffret: "RE: Too much misleading advice on the Universal Plug-and-Play security hole"
In reply to: bugzillaat_private: "[RHSA-2001:162-04] Updated namazu packages are available"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Dec 27 2001 - 09:51:38 PST