Back to sympa PTS page

Accepted sympa 6.1.23~dfsg-2+deb8u2 (source amd64) into oldstable

To: dispatch@tracker.debian.org, debian-lts-changes@lists.debian.org
Subject: Accepted sympa 6.1.23~dfsg-2+deb8u2 (source amd64) into oldstable
From: Markus Koschany <apo@debian.org>
Date: Tue, 24 Jul 2018 20:10:34 +0000
Mail-followup-to: debian-lts@lists.debian.org
Message-id: <E1fi3di-0006ID-Ib@seger.debian.org>
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 24 Jul 2018 21:14:39 +0200
Source: sympa
Binary: sympa
Architecture: source amd64
Version: 6.1.23~dfsg-2+deb8u2
Distribution: jessie-security
Urgency: high
Maintainer: Debian Sympa team <pkg-sympa-devel@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
 sympa      - Modern mailing list manager
Changes:
 sympa (6.1.23~dfsg-2+deb8u2) jessie-security; urgency=high
 .
   * Non-maintainer upload by the LTS team.
   * Fix CVE-2018-1000550:
     A vulnerability has been discovered in Sympa web interface that allows
     write access to files on the server filesystem. This flaw allows to create
     or modify any file writable by the Sympa user, located on the server
     filesystem, using the function of Sympa web interface template file saving.
Checksums-Sha1:
 81ba824111f4087db528ea64d71988433c874025 2695 sympa_6.1.23~dfsg-2+deb8u2.dsc
 a84df267a1e5ad77f60f8fe2f5fc4893ab0dbc07 2273692 sympa_6.1.23~dfsg.orig.tar.xz
 e361c629af369b3263e207e05fb61d2261a1a746 91128 sympa_6.1.23~dfsg-2+deb8u2.debian.tar.xz
 99deea78d61e1cd3b52cb3b0f573512189f87dd9 2258540 sympa_6.1.23~dfsg-2+deb8u2_amd64.deb
Checksums-Sha256:
 f6972b45eb285a2a56de89a9079cc22d548a16a2eff0056f19ad42fd6f19645a 2695 sympa_6.1.23~dfsg-2+deb8u2.dsc
 7d437339f63f60049335e16856c5ee8bbc6f8b9ef23fd18aef1a13f4ab8d6fa5 2273692 sympa_6.1.23~dfsg.orig.tar.xz
 96815b0f8143b5c930a8e86f5f871bd7b5787b60cef00020a5978411328fdf6b 91128 sympa_6.1.23~dfsg-2+deb8u2.debian.tar.xz
 55997ea0ee2803a07fb854ef6be3a7f1284cb272b9a63c0881f7c3a8834ca28c 2258540 sympa_6.1.23~dfsg-2+deb8u2_amd64.deb
Files:
 6a4f2d6cf8001014ff864d898f24a362 2695 mail optional sympa_6.1.23~dfsg-2+deb8u2.dsc
 f3e432cc2b08383a7c1d11c0bae3f25a 2273692 mail optional sympa_6.1.23~dfsg.orig.tar.xz
 5af6c000949cdfd3edff8569228106a3 91128 mail optional sympa_6.1.23~dfsg-2+deb8u2.debian.tar.xz
 44ecebafbe2b989c12feb52da21dadc9 2258540 mail optional sympa_6.1.23~dfsg-2+deb8u2_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAltXgyVfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkohAQALlPe78d0fxJlwmYTKxH0ix2dQ9nJfuFXpaE
OoGIGdQAw0hqqPZE/eEMqHWshor4SArFmID5wD9LbfvF3JBZxoTX1lZ1L9VyWuNt
qN/ts3XG2Hi2moiDuW64hQ6TYDpVRbTDeAAP9tPoe4DKqCl6TJgaAXw853KSj1U/
yOh0SK3trWQWB3kldAM+K8p0sL7jDAhskKq9fL6pOKQLOaSF4syqLe5RSkWY3R1D
Ug7uOGaYSdbXezc6ggwWD6YTdKr5DE3RfL6McC59VbCdjBlMzVtbCaMiOld5H63E
bNZhW00Cpa4k+E6xozhQFIXD+qfuCmhLelTh1a5Dqhpq7lVF6s4UFbZhKFf/AnO8
disEPA4xgkqdWIVr+VhrwV96gPUF2ufDJsr0r0IG3/8H89jWMBgHkHq/CvOU5fok
YEsOHlo4IdBilMzjqqu33CwPPO/A601vyG3xZUSeICIZAuUqSGz7LoG+AgPrCOws
k639S44HlJ4JlnZWXD69HqWE+epBEzNB1pvNV0ofuNJD7Ql/GUSib3IpLluH5Qo+
SXNqL9Xh2VUK5M/AbNaIfSrYm6r7nAnahwX1VmQdjypE4HkxSqlDa7oHDSIuXFel
D4E+dB6aBenudeGMd/n8Py5XkyloEc6Glmi4NaRQH3G4OTq0figUJOSRtO7kwqfY
phTYfcsZ
=ayKQ
-----END PGP SIGNATURE-----