Back to mantis PTS page

Accepted mantis 1.2.7-1 (source all)

To: debian-devel-changes@lists.debian.org
Subject: Accepted mantis 1.2.7-1 (source all)
From: Silvia Alvarez <sils@powered-by-linux.com>
Date: Mon, 05 Sep 2011 19:17:58 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1R0egA-0004E5-Qz@franck.debian.org>
Reply-to: debian-devel@lists.debian.org
Sender: Archive Administrator <dak@franck.debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 05 Sep 2011 20:41:13 +0200
Source: mantis
Binary: mantis
Architecture: source all
Version: 1.2.7-1
Distribution: unstable
Urgency: high
Maintainer: Silvia Alvarez <sils@powered-by-linux.com>
Changed-By: Silvia Alvarez <sils@powered-by-linux.com>
Description: 
 mantis     - web-based bug tracking system
Closes: 640061 640297
Changes: 
 mantis (1.2.7-1) unstable; urgency=high
 .
   * Security Upstream Release (1.2.7)
   * Urgency high: Fixes critical LFI/XSS vulnerabilites
   * debian/NEWS: updated
   * debian/README.Debian: updated
   * debian/doc/README.LDAP: updated
   * debian/po debconf translations:
     + Added Swedish translation, thanks to
        Martin Bagge (Closes: #640061)
     + Fixed Language Field: sv
   * debian/patches:
     + dropped:
       000-fix-security-bug-bts-638321-filterapi-multiple-XSS.diff
       Bug fixed in new upstream release.
    + updated:
       000-cleanup-gitignore-file-from-orignal-tarball.diff
    + added: Multiple vulnerabilities (LFI/XSS/Projax/PHPSELF)
      Thanks to David Hicks, MantisBT developer. (Closes: #640297)
      000-Fix-640297-LFI-XSS-injection-bug-action-group-0.diff
      000-Fix-640297-LFI-XSS-injection-bug-action-group-1.diff
      000-Fix-640297-LFI-XSS-injection-via-PHPSELF.diff
      000-Fix-640297-Projax-XSS-injection.diff
Checksums-Sha1: 
 2dc4fa1aa4036bc8a44ee6e93bb09ecff9d4013c 1829 mantis_1.2.7-1.dsc
 c28e11e32e1b8b1ea631f056c32d05c7e51aa927 3280933 mantis_1.2.7.orig.tar.gz
 7abe1796b17898cf6cce741ad1643e2257df702f 58763 mantis_1.2.7-1.debian.tar.gz
 60da7c4ce63fd23bc3c123f3c0210fc70424e1c9 2074010 mantis_1.2.7-1_all.deb
Checksums-Sha256: 
 462971bfffb999c18f424f0aad568683371a03ac3423b54784b4353b3dd8d08d 1829 mantis_1.2.7-1.dsc
 8a0ba6e3b7310743c5a52bf9b771f29988d11497e21336eef833fd7e73c9a717 3280933 mantis_1.2.7.orig.tar.gz
 143b561da266daaf78159bed7438371bc56b00f7fb414eb1069ced9d15d05054 58763 mantis_1.2.7-1.debian.tar.gz
 e3cea06ab6064aaec1c6832d01aa775e5f2aa9a5b99c0264bdbd334cc6ff7438 2074010 mantis_1.2.7-1_all.deb
Files: 
 3f4413889462fb3d7a6c98fc26fb0396 1829 web optional mantis_1.2.7-1.dsc
 b78a10db186db2ad815007aee3d0ae86 3280933 web optional mantis_1.2.7.orig.tar.gz
 55fafb0eaf209ecdd86f7e61e6290785 58763 web optional mantis_1.2.7-1.debian.tar.gz
 17b549732afca26dec84f042b5435773 2074010 web optional mantis_1.2.7-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBCAAGBQJOZR61AAoJEKgvu4Pz1XAzoW4P/R3aYgj9qjABKNWFwfOZcPBH
ogqlTXHDAikAMNZr7mYbUttFto02u+Sv9Bki/slSOC28R1BKES9tlhNj8NuGL2oB
Im3TuuetfP/oeLKfkbiHr84W0pgN9/VtO+mbHyHcTeleAsHQsUxXszK4ZeEdxbuQ
UBWAAwCwxLGvjI3xi9N/Z3tRO1lHNyAWgj0lbhEcA/OpYbxnIMNmTcmpeUY4IqjP
55//bnaj0zM5MrbiPaWHLZ1DhImMp72xc91+6zWXTnNp72gVaVIyhXAhInrnO1Uo
Wi9ABEq8OhFmrnKDu0WRhbetIAxb7QZ/SGQp5dXZQ7YFu61plhGOiITFISZekJXd
BpImvb8KlbtC4HCaq5Yhn9CUNs5hQw8/Rgtp1v4SVOK3uDZjnYlT5Lxdc9Oh4zZc
VyZj9arP4n0k4ElusVIgSd7e7u56suZAcEbZurzbff4SYJ/WNFm/QCutwndlb7hB
4YJw2VEQDBXbILQ9BvnsnoHCDasC+gClS0VqRH+EWgtbodF+Jzq5dC0noZRVtjym
crNwGWrP3ZKIJjId2505jzcyTG5vBEeDJU3SSFLbdBMJy0qtl8x7+bJHK0ZYmIe1
0HRQtN1LQHwPhJCDqDV4f/CvPC0mjV4YCJy7LrWNWni55wEUHomRNhWgDI+xkO4h
fYVp6hzx19y+cpcjPnsR
=p/9x
-----END PGP SIGNATURE-----


Accepted:
mantis_1.2.7-1.debian.tar.gz
  to main/m/mantis/mantis_1.2.7-1.debian.tar.gz
mantis_1.2.7-1.dsc
  to main/m/mantis/mantis_1.2.7-1.dsc
mantis_1.2.7-1_all.deb
  to main/m/mantis/mantis_1.2.7-1_all.deb
mantis_1.2.7.orig.tar.gz
  to main/m/mantis/mantis_1.2.7.orig.tar.gz