Edgewall Software Trac Search Module SQL Injection Vulnerability

Edgewall Software Trac Search Module SQL Injection Vulnerability

Solution:

Please see the referenced advisories for further information:

- Debian Linux has released security advisory DSA 951-1 to address this issue.
- Debian Linux has released updated security advisory DSA 951-2 addressing this issue.

The vendor has released version 0.9.2 addressing this issue:

Edgewall Software Trac 0.7.1

Edgewall Software trac-0.9.1.tar.gz
ftp://ftp.edgewall.com/pub/trac/trac-0.9.1.tar.gz

Edgewall Software trac-0.9.2.tar.gz
http://ftp.edgewall.com/pub/trac/trac-0.9.2.tar.gz

Edgewall Software Trac 0.8.1

Debian trac_0.8.1-3sarge4_all.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/t/trac/trac_0.8.1-3sarge4 _all.deb

Edgewall Software trac-0.9.1.tar.gz
ftp://ftp.edgewall.com/pub/trac/trac-0.9.1.tar.gz

Edgewall Software trac-0.9.2.tar.gz
http://ftp.edgewall.com/pub/trac/trac-0.9.2.tar.gz

Edgewall Software Trac 0.8.3

Edgewall Software trac-0.9.1.tar.gz
ftp://ftp.edgewall.com/pub/trac/trac-0.9.1.tar.gz

Edgewall Software trac-0.9.2.tar.gz
http://ftp.edgewall.com/pub/trac/trac-0.9.2.tar.gz

Edgewall Software Trac 0.8.4

Edgewall Software trac-0.9.1.tar.gz
ftp://ftp.edgewall.com/pub/trac/trac-0.9.1.tar.gz

Edgewall Software trac-0.9.2.tar.gz
http://ftp.edgewall.com/pub/trac/trac-0.9.2.tar.gz

Edgewall Software Trac 0.9

Edgewall Software trac-0.9.1.tar.gz
ftp://ftp.edgewall.com/pub/trac/trac-0.9.1.tar.gz

Edgewall Software trac-0.9.2.tar.gz
http://ftp.edgewall.com/pub/trac/trac-0.9.2.tar.gz

Edgewall Software Trac 0.9.1

Edgewall Software trac-0.9.2.tar.gz
http://ftp.edgewall.com/pub/trac/trac-0.9.2.tar.gz