----------------------------------------------------------------------

Secunia Network Software Inspector 2.0 (NSI) - Public Beta

The Public Beta has ended. Thanks to all that participated.

Learn more:
http://secunia.com/network_software_inspector_2/

----------------------------------------------------------------------

TITLE:
Debian update for b2evolution

SECUNIA ADVISORY ID:
SA30093

VERIFY ADVISORY:
http://secunia.com/advisories/30093/

CRITICAL:
Not critical

IMPACT:
Cross Site Scripting

WHERE:
>From remote

OPERATING SYSTEM:
Debian GNU/Linux 4.0
http://secunia.com/product/13844/
Debian GNU/Linux unstable alias sid
http://secunia.com/product/530/

DESCRIPTION:
Debian has issued an update for b2evolution. This fixes a
vulnerability, which can be exploited by malicious people to conduct
cross-site scripting attacks.

For more information:
SA23656

SOLUTION:
Apply updated packages.

-- Debian GNU/Linux 4.0 alias etch --

Source archives:

http://security.debian.org/pool/updates/main/b/b2evolution/b2evolution_0.9.2-3+etch1.diff.gz
Size/MD5 checksum: 14774 0513ba676280c394ab9494ccdfea35e5
http://security.debian.org/pool/updates/main/b/b2evolution/b2evolution_0.9.2.orig.tar.gz
Size/MD5 checksum: 2754129 6014a784ecc92a3a875e7ac69939047b
http://security.debian.org/pool/updates/main/b/b2evolution/b2evolution_0.9.2-3+etch1.dsc
Size/MD5 checksum: 882 3938cec5016aa5ac8c838ee668121832

Architecture independent packages:

http://security.debian.org/pool/updates/main/b/b2evolution/b2evolution_0.9.2-3+etch1_all.deb
Size/MD5 checksum: 2818756 6174d72fee72c0f6ff6e4221344799cc

-- Debian GNU/Linux unstable alias sid --

Fixed in version 0.9.2-4.

ORIGINAL ADVISORY:
http://www.debian.org/security/2008/dsa-1568

OTHER REFERENCES:
SA23656:
http://secunia.com/advisories/23656/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

----------------------------------------------------------------------