urosm
/
ikiwiki
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add more details of CVE-2015-2793

master
smcv 2015-04-14 13:38:13 -04:00 committed by admin
parent 8ad932efd5
commit 0252e5703d
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
doc/security.mdwn
View File

@ -500,9 +500,9 @@ as version 3.20100815.9. An upgrade is recommended for all sites.
## XSS via openid selector
Raghav Bisht discovered this XSS in the openid selector.
Raghav Bisht discovered this XSS in the openid selector. ([[!cve CVE-2015-2793]])
The hole was reported on March 24th, a fix was developed on March 27th,
and the fixed version was released on the 29th. A fix was backported
to Debian wheezy as version 3.20141016.2. An upgrade is recommended for
sites using CGI and openid.
and the fixed version 3.20150329 was released on the 29th. A fix was backported
to Debian jessie as version 3.20141016.2 and to Debian wheezy as version
3.20120629.2. An upgrade is recommended for sites using CGI and openid.