| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| 0001-Untaint-raw-data-coming-from-session-storage-backend.patch | [PATCH] Untaint raw data coming from session storage backends The various storage backends need to be considered trusted, so data coming out of them should be untainted. The _CLAIMED_ID comes from an HTTP cookie and is probably tainted, but presumably it's OK if it matched some data in the storage. |
Niko Tyni <ntyni@debian.org> | yes | debian upstream | 2016-01-12 |