Back to mantis PTS page

Accepted mantis 0.19.2-5sarge5 (source all)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed, 09 Jan 2008 10:24:53 +0100
Source: mantis
Binary: mantis
Architecture: source all
Version: 0.19.2-5sarge5
Distribution: oldstable-security
Urgency: high
Maintainer: Igor Genibel <igenibel@debian.org>
Changed-By: Patrick Schoenfeld <schoenfeld@in-medias-res.com>
Description: 
 mantis     - web-based bug tracking system
Closes: 402802 458377
Changes: 
 mantis (0.19.2-5sarge5) oldstable-security; urgency=high
 .
   * Maintainer upload for the security team
   * Fixed security issue CVE-2007-6611: "Upload File" Script
     insertion vulnerability by applying the patch from sid.
     (Closes: #458377)
   * Fixed security issue CVE-2006-6574: Custom Field Information Disclosure by
     backporting changes in history_api.php from sid
     (Closes: #402802)
   * Fixed security issue: Email notifications bypass security on custom fields
   * Fixed multiple XSS vulnerabilites by backporting changes from upstream
     version 1.0.7
Files: 
 176c95ad5f1142fcb9364540fd19eeea 874 web optional mantis_0.19.2-5sarge5.dsc
 b1c5f077e0046c5b33d77e99a2b4ffe5 46292 web optional mantis_0.19.2-5sarge5.diff.gz
 5708305cbd20cde4825b3adb7d72d3a1 898014 web optional mantis_0.19.2-5sarge5_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iQEVAwUBR4sVoWz0hbPcukPfAQJqMQf/QuiGvAL5OS//Vg5H8YmnYUHujP+I9qe7
eYaTODpsm6N8XhrUYYeiPO92bDYF8IfPJF+Novb2n/2qVoo/q5mV/UcYxeA3m2sw
p0/JdTZIFexifKN5Z/dsK36JH3UOQxSbTzJB5NrNMtypKS9wAkemk0M8EJynKWb+
Te6qdnQNDDAGkNBUBog99xaRz3cqhUCx+Um3pbEO60igzwwoEMb2d4yi1XEqJiKF
qR0HQtu8DnYrMyZ832QOY+56Ju4qY6xfn+RxCqqyu6LmeEI1cUY72VI2t7IuWNKA
Dr2WdF10Eutg958hb1tXCkpgXz1xfxNMDw/YQ8AHQliSJ0UkHun/FA==
=kp5F
-----END PGP SIGNATURE-----


Accepted:
mantis_0.19.2-5sarge5.diff.gz
  to pool/main/m/mantis/mantis_0.19.2-5sarge5.diff.gz
mantis_0.19.2-5sarge5.dsc
  to pool/main/m/mantis/mantis_0.19.2-5sarge5.dsc
mantis_0.19.2-5sarge5_all.deb
  to pool/main/m/mantis/mantis_0.19.2-5sarge5_all.deb