Accepted mantis 0.19.2-5sarge4.1 (source all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 28 Jul 2006 13:37:02 +0200
Source: mantis
Binary: mantis
Architecture: source all
Version: 0.19.2-5sarge4.1
Distribution: stable-security
Urgency: high
Maintainer: Igor Genibel <igenibel@debian.org>
Changed-By: Thijs Kinkhorst <thijs@debian.org>
Description:
mantis - web-based bug tracking system
Closes: 361138 378353
Changes:
mantis (0.19.2-5sarge4.1) stable-security; urgency=high
.
* Non-maintainer upload for security issues.
* CVE-2006-0664: Cross site scripting in config_defaults_inc.php.
Apply upstream patch.
* CVE-2006-0841: Multiple cross-site scripting (XSS) vulnerabilities in
view_all_set.php, manage_user_page.php, view_filters_page.php,
proj_doc_delete.php. Apply selected upstream patches where relevant
to our version. (Closes: #378353)
* Revert typo in debconf string as it's not appropriate for stable(security).
.
mantis (0.19.2-5sarge4) stable-security; urgency=high
.
* Security update for CVE-2006-1577
- fix XSS problem (Closes: #361138)
* Fix a typo in debconf management (adminpassoword <-> adminpassword)
.
mantis (0.19.2-5sarge3) stable-security; urgency=high
.
* Security update for CVE-2006-0665
- better check _GET
- Cross site scripting vulnerability
Files:
186850cfa7493513907212591d8c550b 586 web optional mantis_0.19.2-5sarge4.1.dsc
74a6598eff0b5f741df8c768c060edc4 42068 web optional mantis_0.19.2-5sarge4.1.diff.gz
6a94215892b6efedd61e042973060022 897142 web optional mantis_0.19.2-5sarge4.1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFEyfb+JdKMxZV9WM8RAq4SAJsEn2sSIU6yjxeLHCKh1NtIJVPyOACgvcs4
MAtD4hDhq7gFV9mzreq5twQ=
=OqBA
-----END PGP SIGNATURE-----
Accepted:
mantis_0.19.2-5sarge4.1.diff.gz
to pool/main/m/mantis/mantis_0.19.2-5sarge4.1.diff.gz
mantis_0.19.2-5sarge4.1.dsc
to pool/main/m/mantis/mantis_0.19.2-5sarge4.1.dsc
mantis_0.19.2-5sarge4.1_all.deb
to pool/main/m/mantis/mantis_0.19.2-5sarge4.1_all.deb