<dev-util/buildbot-0.7.11_p3 has cross-site scripting vulnerabilities.
CVE-2009-2959 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2959): Cross-site scripting (XSS) vulnerability in the waterfall web status view (status/web/waterfall.py) in Buildbot 0.7.6 through 0.7.11p1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CVE-2009-2967 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2967): Multiple cross-site scripting (XSS) vulnerabilities in Buildbot 0.7.6 through 0.7.11p2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, different vulnerabilities than CVE-2009-2959.
Arches, please test and mark stable: =dev-util/buildbot-0.7.11_p3 Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86"
x86 stable
Stable on alpha.
Stable for HPPA.
ppc stable
ppc64 done
arm/ia64/s390/sh/sparc stable
amd64 stable, all arches done.
XSS in Webapps -> noglsa. Closing.