Summary: | <net-proxy/squidguard-1.5_beta-r1: Reflected cross site scripting vulnerability in squidGuard.cgi | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | pinkbyte |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1348457 | ||
Whiteboard: | B4 [noglsa] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2016-06-22 07:00:51 UTC
@maintainer, fix is in the 1.5 release. The 1.5 available on the website matches the beta that is already in the tree. (In reply to Jeroen Roovers from comment #2) > The 1.5 available on the website matches the beta that is already in the > tree. --- squidGuard-1.4-patch-20150201/squidGuard.cgi 2015-02-02 03:43:27.000000000 +0900 +++ squidGuard-1.5-beta/samples/squidGuard.cgi.in 2010-09-09 19:34:32.000000000 +0900 Compared the upstream patch set for 1.4 against the 1.5 beta release in tree. All is good. @maintainer(s), please cleanup the vulnerable version in tree. Vulnerable versions are removed from tree |