Debian: DSA 222-2 Critical: Mhonarc Remote Vulnerability
debian
January 3, 2003
A specially crafted HTML mail message can introduce foreign scripting content in archives, by-passing MHonArc's HTML script filtering.
Summary
Earl Hood, author of mhonarc, a mail to HTML converter, discovered a
cross site scripting vulnerability in this package. A specially
crafted HTML mail message can introduce foreign scripting content in
archives, by-passing MHonArc's HTML script filtering.
For the current stable distribution (woody) this problem has been
fixed in version 2.5.2-1.3.
For the old stable distribution (potato) this problem has been fixed
in version 2.4.4-1.3.
For the unstable distribution (sid) this problem has been fixed in
version 2.5.14-1.
We recommend that you upgrade your mhonarc package.
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 2.2 alias potato
...
PREVIOUS
NEXT
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!