diff options
| author |   Thomas Deutschmann <whissi@gentoo.org> | 2017-09-28 22:54:55 +0200 |
|---|---|---|
| committer | Thomas Deutschmann <whissi@gentoo.org> | 2017-09-28 22:54:55 +0200 |
| commit | 612f47deca97e8d7ffc2100c1dbc82a602abdf39 (patch) | |
| tree | 714d18b438413833e38a20af15b6514bb8c7ac61 /glsa-200408-23.xml | |
| parent | Fix GLSA 201709-27 to reflect previous canonical name for libTIFF (diff) | |
| download | glsa-612f47deca97e8d7ffc2100c1dbc82a602abdf39.tar.gz glsa-612f47deca97e8d7ffc2100c1dbc82a602abdf39.tar.bz2 glsa-612f47deca97e8d7ffc2100c1dbc82a602abdf39.zip | |
GLSA format update
- Dates converted to ISO8601 [Bug #196681]
- Reference links changed to HTTPS where available [Bug #630750]
See: https://bugs.gentoo.org/196681
See: https://bugs.gentoo.org/630750
Diffstat (limited to 'glsa-200408-23.xml')
| -rw-r--r-- | glsa-200408-23.xml | 19 |
1 files changed, 9 insertions, 10 deletions
diff --git a/glsa-200408-23.xml b/glsa-200408-23.xml index a1c27bdd..bdd7a0ad 100644 --- a/glsa-200408-23.xml +++ b/glsa-200408-23.xml @@ -1,6 +1,5 @@ <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> - <glsa id="200408-23"> <title>kdelibs: Cross-domain cookie injection vulnerability</title> <synopsis> @@ -9,8 +8,8 @@ web server. </synopsis> <product type="ebuild">kdelibs</product> - <announced>August 24, 2004</announced> - <revised>August 24, 2004: 01</revised> + <announced>2004-08-24</announced> + <revised>2004-08-24: 01</revised> <bug>61389</bug> <access>remote</access> <affected> @@ -46,8 +45,8 @@ be used instead of the cookie issued by the legitimate site. Depending on the design of the legitimate site, this may allow an attacker to gain access to the user's session. For further explanation on this type of - attack, see the paper titled "Session Fixation Vulnerability in - Web-based Applications" (reference 2). + attack, see the paper titled "Session Fixation Vulnerability in + Web-based Applications" (reference 2). </p> </impact> <workaround> @@ -63,17 +62,17 @@ <code> # emerge sync - # emerge -pv ">=kde-base/kdelibs-3.2.3-r2" - # emerge ">=kde-base/kdelibs-3.2.3-r2"</code> + # emerge -pv ">=kde-base/kdelibs-3.2.3-r2" + # emerge ">=kde-base/kdelibs-3.2.3-r2"</code> </resolution> <references> - <uri link="http://www.kde.org/info/security/advisory-20040823-1.txt">KDE Advisory</uri> + <uri link="https://www.kde.org/info/security/advisory-20040823-1.txt">KDE Advisory</uri> <uri link="http://www.acros.si/papers/session_fixation.pdf">Session Fixation Vulnerability in Web-based Applications</uri> </references> - <metadata tag="requester" timestamp="Mon, 23 Aug 2004 20:45:47 +0000"> + <metadata tag="requester" timestamp="2004-08-23T20:45:47Z"> jaervosz </metadata> - <metadata tag="submitter" timestamp="Tue, 24 Aug 2004 19:26:35 +0000"> + <metadata tag="submitter" timestamp="2004-08-24T19:26:35Z"> condordes </metadata> </glsa> |