Summary: | net-misc/mediatomb Prototype JavaScript framework Cross-Site AJAX requests issue (CVE-2008-7220) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Alex Legler (RETIRED) <a3li> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | media-video |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://github.com/sstephenson/prototype/blob/master/CHANGELOG | ||
Whiteboard: | B4 [noglsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 284874 |
Description
Alex Legler (RETIRED)
2009-09-14 10:08:24 UTC
I'm tempted to mask and remove… This has been fixed by upstream in SVN r2036[1] and will be part of MediaTomb 0.12.0 which is scheduled for January 2010 release. [1] http://mediatomb.svn.sourceforge.net/viewvc/mediatomb?view=rev&revision=2036 This is fixed in bug #264235. (In reply to comment #3) > This is fixed in bug #264235. > Thanks. 0.12.0 is in the tree but I would like to wait some time for a security stabilization to see if any new bugs arise. net-misc/mediatomb-0.12.1 is ok to stable. Thanks. x86 stable amd64 stable, all arches done. removing myself to clean up bug queue Closing noglsa because of the low severity of this issue. |