Trac 0.9.1 is out and fixes some bugs, and some *security bugs* too. It would be nice if an ebuild for 0.9.1 was created.
According to a post from David Maciejak on Full-disclosure:

Malicious user can conduct SQL injection in ticket query module because supplied 'group' URI data passed to the query script is not properly sanitized.

PoC: http://host/trac/query?group=/*

Vulnerable version: Version tested is 0.9
Maybe 0.9 betas are also vulnerable
Added 0.9.1 to CVS, removed 0.9_beta2 and 0.9. Are the (stable) 0.8.x vulnerable?
According to http://projects.edgewall.com/trac/wiki/ChangeLog only the 0.9 series is affected. Affected package was never stable so closing without GLSA.
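The 'group' issue quoted in this report, as an added example that is not Trac's code and not part of the original thread: a grouping field taken from the URL names a column, so it cannot be bound as a query parameter and has to be checked against a fixed allowlist before it reaches the SQL text. The `ticket` schema, the `GROUPABLE` set, the sample rows and all function names are assumptions made for this example.

```python
import sqlite3

# Fields a ticket query may group by (hypothetical schema, not Trac's own).
GROUPABLE = {"status", "priority", "owner"}

def unsafe_sql(group):
    # The pattern the report describes: request data pasted into the SQL text.
    return "SELECT id, %s FROM ticket ORDER BY %s, id" % (group, group)

def check_group(group):
    # Identifiers cannot be bound with '?', so require an exact allowlist match.
    if group not in GROUPABLE:
        raise ValueError("invalid group field: %r" % (group,))
    return group

def grouped_tickets(conn, group, owner=None):
    """Return {group value: [ticket ids]} for a validated group field."""
    col = check_group(group)
    sql = 'SELECT id, "%s" FROM ticket' % col
    args = []
    if owner is not None:
        sql += " WHERE owner = ?"  # values, unlike column names, are bound
        args.append(owner)
    sql += ' ORDER BY "%s", id' % col
    result = {}
    for ticket_id, key in conn.execute(sql, args):
        result.setdefault(key, []).append(ticket_id)
    return result

def demo_db():
    # Constructed sample data for the example.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE ticket (id INTEGER PRIMARY KEY, "
                 "status TEXT, priority TEXT, owner TEXT)")
    conn.executemany("INSERT INTO ticket VALUES (?, ?, ?, ?)", [
        (1, "new", "high", "alice"),
        (2, "closed", "low", "bob"),
        (3, "new", "low", "alice"),
    ])
    return conn

if __name__ == "__main__":
    db = demo_db()
    print(grouped_tickets(db, "status"))
    try:
        grouped_tickets(db, "/*")  # the value from the quoted report
    except ValueError as exc:
        print("rejected:", exc)
```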