It was discovered that Trac, a wiki and issue tracking system for
software development projects, performs insufficient validation against
cross-site request forgery, which might lead to an attacker being able
to perform manipulation of a Trac site with the privileges of the
attacked Trac user.
For the stable distribution (sarge) this problem has been fixed in
version 0.8.1-3sarge7.
For the unstable distribution (sid) this problem has been fixed in
version 0.10.1-1.
We recommend that you upgrade your trac package.
CPE | Name | Operator | Version |
---|---|---|---|
trac | eq | 0.8.1-3 | |
trac | eq | 0.8.1-3sarge1 | |
trac | eq | 0.8.1-3sarge2 | |
trac | eq | 0.8.1-3sarge3 | |
trac | eq | 0.8.1-3sarge4 | |
trac | eq | 0.8.1-3sarge5 |