Back to mantis PTS page

Accepted mantis 0.19.2-4.1 (source all)

To: debian-changes@lists.debian.org
Subject: Accepted mantis 0.19.2-4.1 (source all)
From: Thijs Kinkhorst <kink@squirrelmail.org>
Date: Mon, 21 Nov 2005 22:02:06 -0800
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1EeREE-0006Eh-VO@spohr.debian.org>
Reply-to: debian-devel@lists.debian.org
Sender: Archive Administrator <katie@ftp-master.debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 29 Oct 2005 21:53:06 +0200
Source: mantis
Binary: mantis
Architecture: source all
Version: 0.19.2-4.1
Distribution: stable-security
Urgency: high
Maintainer: Hilko Bengen <bengen@debian.org>
Changed-By: Thijs Kinkhorst <kink@squirrelmail.org>
Description: 
 mantis     - web-based bug tracking system
Closes: 330682 335938
Changes: 
 mantis (0.19.2-4.1) stable-security; urgency=high
 .
   * NMU for security bugs:
     - Mantis #0005247: Real email addresses are visible when using reminders
       [CVE-2005-3338]
     - Mantis #0005751: Javascript XSS vulnerability [CVE-2005-3091]
     - Mantis #0006097: user ID is cached indefinately [CVE-2005-3339]
     - Mantis #0006273: File Inclusion Vulnerability [CVE-2005-3335]
     - Mantis #0006275: SQL injection [CVE-2005-3336]
     Patches from upstream developers (Closes: #330682, #335938)
Files: 
 b7c83d901ff3cfa1c4cb54502e5519c7 572 web optional mantis_0.19.2-4.1.dsc
 e364d9ebb64a2071c3188baabb027dbd 36447 web optional mantis_0.19.2-4.1.diff.gz
 4131ad481a77292789af31e00a7960e6 895006 web optional mantis_0.19.2-4.1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDgGg8W5ql+IAeqTIRAq3fAJ9fnIkjF5qgZQpJ4QPmB74EubeZfACgnDND
YhRP9wzZn77/4A8Orh2DIgM=
=GVuN
-----END PGP SIGNATURE-----


Accepted:
mantis_0.19.2-4.1.diff.gz
  to pool/main/m/mantis/mantis_0.19.2-4.1.diff.gz
mantis_0.19.2-4.1.dsc
  to pool/main/m/mantis/mantis_0.19.2-4.1.dsc
mantis_0.19.2-4.1_all.deb
  to pool/main/m/mantis/mantis_0.19.2-4.1_all.deb