Accepted kanboard 1.2.26+ds-4 (source) into unstable
- To: debian-devel-changes@lists.debian.org
- Subject: Accepted kanboard 1.2.26+ds-4 (source) into unstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Thu, 08 Jun 2023 02:23:21 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: kanboard_1.2.26+ds-4_source.changes
- Debian-source: kanboard
- Debian-suite: unstable
- Debian-version: 1.2.26+ds-4
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=DQ9D8IZxq5613d4EhU80H6qDmPsxVf5kZZa/noMk92o=; b=NhGCph0aKmvlotmLTy7tpGZIB7 6FkRnB8bRZskBWY2xs3zU7TMXaLGsyvB9oehQeJBJcT03z+NYC7KUlMm3q+fk5zuGvFqdRnIZ3+Vy HknWhSwBnGT0fepOFvPhXG9zN/MTu4OvLfBVNM9Fwkn2B1dANI8x9y6O7Dvf4OUrCrdHQ8WMqW2tw zwRfZY1UDaHAXW77JLpX2/o8cYdYCziWKMe622B3OCwtjs0SBQRYp9k1/9v6ValE6EHAvvMJvFKhd XQKjZbTfXJBVspCkUC9WFmjEXeNLftmEbMi3XGN6ALfaQNhF0cmNJhecQed/rUqTtl3oNNpH9MBgq JGqgCB2g==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1q75J3-00G4P8-TI@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 07 Jun 2023 20:45:40 -0400
Source: kanboard
Architecture: source
Version: 1.2.26+ds-4
Distribution: unstable
Urgency: medium
Maintainer: Joseph Nahmias <jello@debian.org>
Changed-By: Joseph Nahmias <jello@debian.org>
Closes: 1037167
Changes:
kanboard (1.2.26+ds-4) unstable; urgency=medium
.
* backport security fixes from kanboard v1.2.30
> CVE-2023-33956: Parameter based Indirect Object Referencing leading
to private file exposure
> CVE-2023-33968: Missing access control allows user to move and
duplicate tasks to any project in the software
> CVE-2023-33969: Stored XSS in the Task External Link Functionality
> CVE-2023-33970: Missing access control in internal task links feature
(Closes: #1037167)
Checksums-Sha1:
1ff48b433817a7b18b5a9398551e479206f0c4c9 2765 kanboard_1.2.26+ds-4.dsc
93f9b9aed95e55fe7356d75daa8bd6d54e15eb0e 18368 kanboard_1.2.26+ds-4.debian.tar.xz
2f4a0c6e1feba292d36e7ed73b91f161a8f488b9 11442 kanboard_1.2.26+ds-4_amd64.buildinfo
Checksums-Sha256:
0dd09115ba6b512ac93baddbe8896bd24b5b4700d551da598898bf8761bd685c 2765 kanboard_1.2.26+ds-4.dsc
46f0dd53c1f66ac2aebf72ae4649d45644344e3b3fe127d26bb9db0bb8a05971 18368 kanboard_1.2.26+ds-4.debian.tar.xz
533e1350c806ee7f0fca241aa053ae8fcc31a120d068fd4d6f74ec783aa1ed81 11442 kanboard_1.2.26+ds-4_amd64.buildinfo
Files:
c63bb3ca67b67de40ef7c26b1ba08d18 2765 web optional kanboard_1.2.26+ds-4.dsc
a95eb66ac18cd6c1859df0ed84876472 18368 web optional kanboard_1.2.26+ds-4.debian.tar.xz
a697d468e6133a820a84179500cc6a96 11442 web optional kanboard_1.2.26+ds-4_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEcxc7CTsDz7hRCK0UsRvZGQeaO5gFAmSBM7sACgkQsRvZGQea
O5i91A/9FvqEIUrD59X6SX7l87KtJ52fIaNmpVLGPWJAkHKmlOiBIiQWEmyi77GJ
dfMEc0QE7G03PnZz9/QlGFhvKa7lhYahv9mSzY5ZQoeDgfLbD4964QoNubfqKJ2D
MWhu6iMu+pWOWRnmeTDcv8gs2ccqLaro+MN6CdCl7pzXTr744ISqavcrEpUSjHWT
Usx1PAsWh9w89QhvsrS3+AjSC5BuBXB1rmdmiYFzXvKzp/F4gNagVLlktjDbLj9v
Kx1oGJ1juV0fRCJq/yQu2Kc+Jac9rWHzRyMscTcK2jhvenNmH3OYfuBh4sAQjKH4
9xg9d4P2dL2jJ91wGtpyZVrjUmFCdjwxrMVT2wH4EOskFvaU0xnoY5wo20D+HzT7
QnASFMBP3dIqwsn2BSDadFLtuDA6RgFQQm0XESJ7tjuupcluaJ8GqErVpghQdmvw
UuSQbWzKTBW+I1TQTOzAd2XmucmzVtmuakU3xKDdk7eKSZJ8OKFEFTEv5qjU8OuB
WrwqX48/smcXTRFExTOMYQEcAccqqtXxU9nAjeURDVbWBEbUjZrgi5vJ5cI+WR0b
1DZ4g+E/YeYWvy3Mc7tCMNPcOlB7qs0+drRR/flUhJGP4TNdv76D9BcxHZ6LFbcq
5Kz22V2lW6mCmLsY1itR7FtcHNsAke39bPWm+ylWXe3SEw6ccio=
=f1+u
-----END PGP SIGNATURE-----