CVE-2008-6884 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-6884): Multiple directory traversal vulnerabilities in XOOPS 2.3.1, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the xoopsConfig[language] parameter to (1) blocks.php and (2) main.php in xoops_lib/modules/protector/.
+*xoops-2.3.3 (13 Aug 2009) + + 13 Aug 2009; Alex Legler <a3li@gentoo.org> -xoops-2.2.4.ebuild, + +xoops-2.3.3.ebuild: + Non-maintainer commit: Version bump for security bug 280016. Removing + vulnerable version. +