« RTIR 2.4.2 Now Available! | Main | RT 3.8.7 Released »

November 30, 2009

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00d83456074b69e2012875f2165a970c

Listed below are links to weblogs that reference Session Fixation Vulnerability in RT versions before 3.8.6:

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

Netzen Solutions Ltd

Nice Work,

I am about to install RT on Debian / Ubuntu, does that mean the .deb in the deb repos is still vulnerable?

If so I will make a patch!

Jesse


No, we worked with the debian folks to make sure they released an
update to RT with the security fix as we announced the vulnerability.

The comments to this entry are closed.