---------------------------------------------------------------------- To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German. The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios. This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links Read the full description: http://corporate.secunia.com/products/48/?r=l Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l ---------------------------------------------------------------------- TITLE: Debian update for trac SECUNIA ADVISORY ID: SA22868 VERIFY ADVISORY: http://secunia.com/advisories/22868/ CRITICAL: Less critical IMPACT: Hijacking WHERE: >From remote OPERATING SYSTEM: Debian GNU/Linux 3.1 http://secunia.com/product/5307/ Debian GNU/Linux unstable alias sid http://secunia.com/product/530/ DESCRIPTION: Debian has issued an update for trac. This fixes a vulnerability which can be exploited by malicious people to conduct cross-site request forgery attacks. For more information: SA22789 SOLUTION: Apply updated packages. -- Debian GNU/Linux 3.1 alias sarge -- Source archives: http://security.debian.org/pool/updates/main/t/trac/trac_0.8.1-3sarge7.dsc Size/MD5 checksum: 656 3e2a71eb01a324d3a26f9e6c001fbba5 http://security.debian.org/pool/updates/main/t/trac/trac_0.8.1-3sarge7.diff.gz Size/MD5 checksum: 14842 9cdb9eed54faecbe2c4df8f5106dafdb http://security.debian.org/pool/updates/main/t/trac/trac_0.8.1.orig.tar.gz Size/MD5 checksum: 236791 1b6c44fae90c760074762b73cdc88c8d Architecture independent components: http://security.debian.org/pool/updates/main/t/trac/trac_0.8.1-3sarge7_all.deb Size/MD5 checksum: 200092 5c0659ad7e99970da829c0258209b747 -- Debian GNU/Linux unstable alias sid -- Fixed in version 0.10.1-1 ORIGINAL ADVISORY: http://www.us.debian.org/security/2006/dsa-1209 OTHER REFERENCES: SA22789: http://secunia.com/advisories/22789 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------