Back to acidlab PTS page

Accepted acidlab 0.9.6b20-10.1 (source all)

To: debian-changes@lists.debian.org
Subject: Accepted acidlab 0.9.6b20-10.1 (source all)
From: Javier Fernandez-Sanguino Pen~a <jfs@computer.org>
Date: Mon, 14 Nov 2005 02:02:06 -0800
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1EbbA6-00034H-Q6@spohr.debian.org>
Reply-to: debian-devel@lists.debian.org
Sender: Archive Administrator <katie@ftp-master.debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sun, 30 Oct 2005 22:05:35 +0100
Source: acidlab
Binary: acidlab-doc acidlab-pgsql acidlab acidlab-mysql
Architecture: source all
Version: 0.9.6b20-10.1
Distribution: stable-security
Urgency: high
Maintainer: Jeremy T. Bouse <jbouse@debian.org>
Changed-By: Javier Fernandez-Sanguino Pen~a <jfs@computer.org>
Description: 
 acidlab    - Analysis Console for Intrusion Databases
 acidlab-doc - Analysis Console for Intrusion Databases (documentation)
 acidlab-mysql - Analysis Console for Intrusion Databases for MySQL
 acidlab-pgsql - Analysis Console for Intrusion Databases for Postgres
Changes: 
 acidlab (0.9.6b20-10.1) stable-security; urgency=high
 .
   * Patch [013] SECURITY fix:
     - Add proper filtering in all ImportHTTP variables using either the new
     functions to check for numeric/alphanumeric chars or the filterSql()
     function to prevent SQL injection attacks. This patch fixes CVE-2005-3325
     but also other attack vectors not mentioned in the initial advisory
     (http://www.frsirt.com/english/advisories/2005/2188)
Files: 
 0bae590a4e21f77779ee5b904d5b7457 696 web extra acidlab_0.9.6b20-10.1.dsc
 02346f1d88573440afe79e8e3eca13a7 352092 web extra acidlab_0.9.6b20-10.1.diff.gz
 f78fc7c230991b9949cbd2eb5b0d54fc 4414 web extra acidlab-mysql_0.9.6b20-10.1_all.deb
 3eaec77032a2c3e5044f3c649e802a5f 4416 web extra acidlab-pgsql_0.9.6b20-10.1_all.deb
 0382bf72c1ac0121f196d26b0d8462fb 275994 web extra acidlab-doc_0.9.6b20-10.1_all.deb
 9f6a40fc2f63e296c03029d04b92273c 660860 web extra acidlab_0.9.6b20-10.1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFDdQZ7sandgtyBSwkRAptQAJ4z9mc9gKpC4F68w0yGWGqF5brEjQCcCh8L
U8q0lz52FI99wgTfJ+7O9UY=
=JLOx
-----END PGP SIGNATURE-----


Accepted:
acidlab-doc_0.9.6b20-10.1_all.deb
  to pool/main/a/acidlab/acidlab-doc_0.9.6b20-10.1_all.deb
acidlab-mysql_0.9.6b20-10.1_all.deb
  to pool/main/a/acidlab/acidlab-mysql_0.9.6b20-10.1_all.deb
acidlab-pgsql_0.9.6b20-10.1_all.deb
  to pool/main/a/acidlab/acidlab-pgsql_0.9.6b20-10.1_all.deb
acidlab_0.9.6b20-10.1.diff.gz
  to pool/main/a/acidlab/acidlab_0.9.6b20-10.1.diff.gz
acidlab_0.9.6b20-10.1.dsc
  to pool/main/a/acidlab/acidlab_0.9.6b20-10.1.dsc
acidlab_0.9.6b20-10.1_all.deb
  to pool/main/a/acidlab/acidlab_0.9.6b20-10.1_all.deb