"1.4.4 is a security fix release. All installations of Roundup are strongly encouraged to update." just bumping the ebuild should do.
in cvs, please stabilize
Sparc stable. Quick test using roundup-demo went as expected.
x86 stable
ppc stable, ready for glsa voting.
amd64 stable, too and now it's really ready for glsa.
Fixed in release snapshot.
Ready for vote. I vote NO.
NO too, and closing.
Did anyone actually check what the vulnerability was?
can someone please add CVE-2008-1474 to the topic?
Just for reference, Debian reported these as Cross-site scripting.