Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 544
Alerts This Week
Warning Icon 1 544

Debian DSA-2009-1: Moderate Tdiary Cross-Site Scripting Threat

debian
Calendar Grey March 9, 2010
Scroller Debian
Debian Security Notice DSA-2020-5: Xwidget vulnerability patched for potential cross-origin exploits caused by inadequate filtering. Update immediately!
It was discovered that tdiary, a communication-friendly weblog system, is prone to a cross-site scripting vulnerability due to insuficient input sanitising in the TrackBack transmi...

Summary


For the stable distribution (lenny), this problem has been fixed in
version 2.2.1-1+lenny1.

For the testing distribution (squeeze), this problem will be fixed soon.

For the unstable distribution (sid), this problem has been fixed in
version 2.2.1-1.1.


We recommend that you upgrade your tdiary packages.


Upgrade instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.



Debian GNU/Linux 5.0 alias lenny

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

Size/MD5 checksum: 1083 3256337487cc7177ac6a20a5815c2e5e
...

Read the Full Advisory

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.