Accepted spip 3.2.4-1+deb10u12 (source) into oldoldstable
- To: dispatch@tracker.debian.org, debian-lts-changes@lists.debian.org
- Subject: Accepted spip 3.2.4-1+deb10u12 (source) into oldoldstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Mon, 18 Dec 2023 01:20:18 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: spip_3.2.4-1+deb10u12_source.changes
- Debian-source: spip
- Debian-suite: oldoldstable
- Debian-version: 3.2.4-1+deb10u12
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.seger; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=d2Kvv3fTVxB6clqpdL1IW6qbcOmOKRnTTD1W74dY5jE=; b=KnUyE7CcKSs0uzC8kTQmd/dlT1 at+VaY642ZRpJro6fADW7ovBBRUXIayBUW0RFHkQIZheyGF9ivFSB3Xh4eF2l45+KRSW1m0vToPYS yQeWIrlObtcR6SZDISEpDIYUJEbz3pZF5NnIDDu50ItarT64/K32BBHhKSFAI9byppwcH0WysG8Uj 7NFcmqosG0gS/HZnNYfK8QGJsBXpmPYz+7O44lqQ0KwBYs0j7l2slR9pHLihJluKNw3LLTn8EZKvF tKoNDCZuc4UN+WGAHm0bxR5O94fqkSh6neBWRHCyCtUxl+qpA407Wz6FB931zbamBRVYlYKJ3MMCj SOgQ1XPg==;
- Mail-followup-to: debian-lts@lists.debian.org
- Message-id: <E1rF2Is-00HOJh-Nw@seger.debian.org>
- Reply-to: debian-lts@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 18 Dec 2023 01:09:20 +0100
Source: spip
Architecture: source
Version: 3.2.4-1+deb10u12
Distribution: buster-security
Urgency: high
Maintainer: David Prévot <taffit@debian.org>
Changed-By: Guilhem Moulin <guilhem@debian.org>
Changes:
spip (3.2.4-1+deb10u12) buster-security; urgency=high
.
* Non-maintainer upload by the LTS Security Team.
* Backport upstream security fixes from 4.1.10:
+ Limit recursion depth in protege_champ().
+ Avoid usage of unserialize() in security screen.
+ Deny access to hidden files in supplied .htaccess file.
+ Update security screen to 1.5.3.
* Backport upstream security fixes from 4.1.11:
+ Refactor weeding out of credentials and other authentication data into
new function auth_desensibiliser_session() and use it in
auth_informer_login() as well.
Checksums-Sha1:
60f512d83bfaf13a0770bb1276c4d89a77d2627a 1841 spip_3.2.4-1+deb10u12.dsc
35f94dfe9beb7b9323175e0203399eb2d5d9d210 114476 spip_3.2.4-1+deb10u12.debian.tar.xz
876785cdfc0c0e038bc3aaa4ed8b88f88d8c4065 8358 spip_3.2.4-1+deb10u12_amd64.buildinfo
Checksums-Sha256:
3c20ae903f120af50c0494b833f93b8b2a820bbd06798f378bb4083563c1f534 1841 spip_3.2.4-1+deb10u12.dsc
3fc8682f7b3dfbdec4eca6a86bbc45cc5d01e4c02971f3b47866d650ad585816 114476 spip_3.2.4-1+deb10u12.debian.tar.xz
42ad104535418010218e071d45731de351f381ac61cbe15f8cd250644fb6aebb 8358 spip_3.2.4-1+deb10u12_amd64.buildinfo
Files:
dc603415cf3b371312f19aeea185319a 1841 web optional spip_3.2.4-1+deb10u12.dsc
28616b9c4c7a9096d868bdc943d002e0 114476 web optional spip_3.2.4-1+deb10u12.debian.tar.xz
6b275d3362c5f5a52cb3806cdaf2170d 8358 web optional spip_3.2.4-1+deb10u12_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmV/kSMACgkQ05pJnDwh
pVJtOw/+J16w/eSHDm+GzY/J7jAa1oJawIw9laistKZ+D/xSD2tNa1OrdompmT0c
0VxFgilv+rftR8Tom1Q1D8mLqvZJjKCoGxt8kPE7aqX/nW/7XeuWz77JWGSPB19y
Fs6omTO6zQSw0W/pO/JTHs6XBvNVRrHUKQlDuMEmDrZH6XqcSb5aIwLGEhKX3fzc
Ql/a5dnLjW3Rk25vDw/OWInvZf2K/raV+r7cmtBq5gSQIrMyqvBdNcM8qSedi8Nd
NvSZWNyzHZG4n2o1yKzOPInq12jaiISWxsWbicgl2Glv9811LtDx0zVvBT6HbpLr
N8YU8VSdv+Hgn5aTK9peq0ePtFeBhbpL9i4gpF50I3LV0iapzDv5nylvspMwLzpA
1m2Sw4vvYxgaJzvmpIsqhXh32gU6LaCwVMVc2IQQtyippbZAfpw6ebRxVHfDtmFa
k+qWsHmOkIqeLsKVsbTeCblL4YGqRB62B19Ko9UuXMUodxm2BVoa/eBQJRT9iLt+
Wv4Si75HfEP+rJEgQkpX5SypTR7f4vdKCab7EXRdaWtEjx4vhZm4xQtZm7GrkaSj
axYyfJ4NIoBRzHPs8x2uvHL+MhrzMOFamMsICLbPP7Cls5eJfJxhfL17jDKWaqg/
Q3UMlG2/tHq/No0EQmSCjGA8Mby1eiNnRRIByI8zmp8XDXM2ioI=
=6xr3
-----END PGP SIGNATURE-----