Accepted mantis 0.19.2-5sarge1 (source all)

[Igor Genibel <igenibel@debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed,  4 Jan 2006 17:45:00 +0100
Source: mantis
Binary: mantis
Architecture: source all
Version: 0.19.2-5sarge1
Distribution: stable-security
Urgency: high
Maintainer: Hilko Bengen <bengen@debian.org>
Changed-By: Igor Genibel <igenibel@debian.org>
Description: 
 mantis     - web-based bug tracking system
Changes: 
 mantis (0.19.2-5sarge1) stable-security; urgency=high
 .
   * Maintainer upload for the security team (Related: #345288)
     - Fixes CVE-2005-4524:
       Notes on private bugs may be leaked.
     - Fixes CVE-2005-4523:
       Private bugs may be leaked through RSS feeds.
     - Fixes CVE-2005-4522:
       XSS in view_filters_page.php.
     - Fixes CVE-2005-4521:
       Two CRLF injection vulnerabilities.
     - Fixes CVE-2005-4520:
       Unspecified "port injection".
     - Fixes CVE-2005-4519:
       Multiple SQL injection vulnerabilities.
     - Fixes CVE-2005-4518:
       Bypass of file upload restrictions.
     - Fixes CVE-2005-4238:
       XSS in view_filters_page.php.
 .
     Applied the changes between 0.19.3 (that were already applied) and
     0.19.4. Note that since 0.19.3 (included) new version are only security
     fixes.
Files: 
 84bfa6cce4f41aebd7f7bdd810048504 580 web optional mantis_0.19.2-5sarge1.dsc
 0c827e6e04027c31080de40d53930689 39448 web optional mantis_0.19.2-5sarge1.diff.gz
 a5d28b04680faf1abbda95cc18b28bac 897448 web optional mantis_0.19.2-5sarge1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDvAjD+xgdMBZI9sgRAjJ/AJ994Z+TEGyUQ8w5CHkALBVIs9a3rACcCx5y
DJb1TLAC/orH8kXGjBDTIYw=
=LiXV
-----END PGP SIGNATURE-----


Accepted:
mantis_0.19.2-5sarge1.diff.gz
  to pool/main/m/mantis/mantis_0.19.2-5sarge1.diff.gz
mantis_0.19.2-5sarge1.dsc
  to pool/main/m/mantis/mantis_0.19.2-5sarge1.dsc
mantis_0.19.2-5sarge1_all.deb
  to pool/main/m/mantis/mantis_0.19.2-5sarge1_all.deb