Accepted spip 2.1.17-1+deb7u8 (source all) into oldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sat, 24 Dec 2016 15:23:00 +0100
Source: spip
Binary: spip
Architecture: source all
Version: 2.1.17-1+deb7u8
Distribution: wheezy-security
Urgency: high
Maintainer: SPIP packaging team <spip-maintainers@lists.alioth.debian.org>
Changed-By: Jonas Meurer <mejo@debian.org>
Description:
spip - website engine for publishing
Changes:
spip (2.1.17-1+deb7u8) wheezy-security; urgency=high
.
* Non-maintainer upload by the LTS Team.
* CVE-2016-9998: fix reflected cross-site scripting (XSS) vulnerability in
/ecrire/exec/info_plugin.php involving the `$plugin` parameter.
* CVE-2016-9997: fix reflected cross-site scripting (XSS) vulnerability in
/ecrire/exec/puce_statut.php involving the `$id` parameter.
Checksums-Sha1:
510965762be38cc185fca8db93c5750aef8743fa 1922 spip_2.1.17-1+deb7u8.dsc
d710925dc22218566dd972d6e26983553bb16a42 72112 spip_2.1.17-1+deb7u8.debian.tar.gz
d692f48c044f770984f1f04d38382187cecf181a 3858762 spip_2.1.17-1+deb7u8_all.deb
Checksums-Sha256:
bf8ac8239f6b50e06bad61da8d5b5f17b0241a7cf6beba6bb83b21f7d6184d2d 1922 spip_2.1.17-1+deb7u8.dsc
c843d12f7cb6e6400e3b3e04ce8d23dfa8ed55e6dd608e8046a6f3e129aed4f5 72112 spip_2.1.17-1+deb7u8.debian.tar.gz
75e98e869935fd5f0b3689b6f96e161b5bd4bd6f459d366ac88cdf47ff76d7cd 3858762 spip_2.1.17-1+deb7u8_all.deb
Files:
352d4fae414e5301e6cf0c53b39ef6ea 1922 web extra spip_2.1.17-1+deb7u8.dsc
3f3157120af7018a53dc24c877547f25 72112 web extra spip_2.1.17-1+deb7u8.debian.tar.gz
e77e45bc7adacc5c48c3b9f811018828 3858762 web extra spip_2.1.17-1+deb7u8_all.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEELIzSg9Pv30M4kOeDUmLn/0kQSf4FAlhenDgACgkQUmLn/0kQ
Sf4d4A/6Ag4Keg8FzTbDH+/82JdmvFPSkvAPXLfW24ypzku2NpTaAgiGOi9SLjxb
hfsNohHmdNT+GUR+VbfDBXwa9hRCuD4xThfjnsb2Aw+5oC4+onKFhvuceBRmV5ie
LiHMX4CeBvVNnu1YhrlTdbM9Km/d2bfLEGi6I/+SLewNJeRyBRVq92B/0pwRRTSf
acGKg7jubmqcjQsYAyGbxjYvXKM8fURklROYvEWKmLDY0rXnS1B8Xq1gi4ZOFVDZ
ryXvsUrsfKwsPBaieMqoukxZvGJrZYgkrlR121VyCN2mdQPsCTNGFHagZeFt/q8t
qINKO9rtnAyURRsc3fP7GL2AyBI5Oqy3mriLv0TpHVUpG1cvbSbW99bOZ1z6s/a2
VW2+R3azKimMuGbb9+zWkhzkc+ohPqNBqbHFCrP3cZSmHA5rIwngQlv1EaLhb3Nf
uuVAjmgWfvmXRhmqVXkAxWEAOdacMnCn4hwbaTY29KKhcbO1ayPMugzPOlqEJj0e
A9bR/6Lqp/g1OKXpoL+bcxnqTSBzQe4EM9708a3JXuQni1aOduU6NVBHV21Ydne0
WxwWHoymoAqaBt7z/hk3+DFiu6G0aV1uObJZ0XB70iaGQikEG0M6J0V1k78Fn8pr
kxi2yPLbfoFY1zh6f1vESw3PotSnJzeetoX7ONbbBtg7HNdEgKo=
=T+X1
-----END PGP SIGNATURE-----