Debian Patches
Status for tryton-sao/6.0.28+ds1-2+deb12u2
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| 01_xss_vulnerability_attachments_preview.patch | Prevent XSS vulnerability in the preview function of attachments Patch for security issue: https://discuss.tryton.org/t/security-release-for-issue-14290/8895 The HTML element used to display the document is based on the mimetype. And by default a sandboxed iframe is used to isolate the unsafe content from the parent context. |
Cédric Krier <cedric.krier@b2ck.com> | not-needed | upstream | https://foss.heptapod.net/tryton/tryton/-/commit/2530ef8dbd14c8080433eff99cab2be43b9fb47c | |
| 02_escape_completion_content.patch | no |
All known versions for source package 'tryton-sao'
- 7.0.47+ds1-1 (sid)
- 7.0.42+ds1-1 (forky)
- 7.0.28+ds1-1+deb13u2 (trixie, trixie-security)
- 6.0.28+ds1-2+deb12u2 (bookworm, bookworm-security)