Secunia Security Advisory - Debian has issued an update for b2evolution. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
d31130fbf833f8a58536c8282accadd85c926b96d62c1e49d6f81bbd7cff27e7
----------------------------------------------------------------------
Secunia Network Software Inspector 2.0 (NSI) - Public Beta
The Public Beta has ended. Thanks to all that participated.
Learn more:
http://secunia.com/network_software_inspector_2/
----------------------------------------------------------------------
TITLE:
Debian update for b2evolution
SECUNIA ADVISORY ID:
SA30093
VERIFY ADVISORY:
http://secunia.com/advisories/30093/
CRITICAL:
Not critical
IMPACT:
Cross Site Scripting
WHERE:
>From remote
OPERATING SYSTEM:
Debian GNU/Linux 4.0
http://secunia.com/product/13844/
Debian GNU/Linux unstable alias sid
http://secunia.com/product/530/
DESCRIPTION:
Debian has issued an update for b2evolution. This fixes a
vulnerability, which can be exploited by malicious people to conduct
cross-site scripting attacks.
For more information:
SA23656
SOLUTION:
Apply updated packages.
-- Debian GNU/Linux 4.0 alias etch --
Source archives:
http://security.debian.org/pool/updates/main/b/b2evolution/b2evolution_0.9.2-3+etch1.diff.gz
Size/MD5 checksum: 14774 0513ba676280c394ab9494ccdfea35e5
http://security.debian.org/pool/updates/main/b/b2evolution/b2evolution_0.9.2.orig.tar.gz
Size/MD5 checksum: 2754129 6014a784ecc92a3a875e7ac69939047b
http://security.debian.org/pool/updates/main/b/b2evolution/b2evolution_0.9.2-3+etch1.dsc
Size/MD5 checksum: 882 3938cec5016aa5ac8c838ee668121832
Architecture independent packages:
http://security.debian.org/pool/updates/main/b/b2evolution/b2evolution_0.9.2-3+etch1_all.deb
Size/MD5 checksum: 2818756 6174d72fee72c0f6ff6e4221344799cc
-- Debian GNU/Linux unstable alias sid --
Fixed in version 0.9.2-4.
ORIGINAL ADVISORY:
http://www.debian.org/security/2008/dsa-1568
OTHER REFERENCES:
SA23656:
http://secunia.com/advisories/23656/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------