Debian Security Advisory DSA 2008-1 (typo3-src)

Summary
The remote host is missing an update to typo3-src announced via advisory DSA 2008-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202008-1
Insight
Several remote vulnerabilities have been discovered in the TYPO3 web content management framework: Cross-site scripting vulnerabilities have been discovered in both the frontend and the backend. Also, user data could be leaked. More details can be found in the Typo3 security advisory: http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-004/ For the stable distribution (lenny), these problems have been fixed in version 4.2.5-1+lenny3. For the upcoming stable distribution (squeeze) and the unstable distribution (sid), these problems have been fixed in version 4.3.2-1. We recommend that you upgrade your typo3-src package.