[Secure-testing-team] Bug#709674: Privilege escalation fixed in new upstream releases
David Prévot
taffit at debian.org
Fri May 24 22:16:19 UTC 2013
Package: spip
Version: 3.0.8-1
Severity: critical
Tags: security
Control: found -1 2.1.21-1
Control: found -1 2.1.17-1
Control: found -1 2.1.1-3squeeze5
Hi,
Upstream just released a new version, fixing a privilege escalation,
allowing anyone to take control of the website.
I’m on my way to prepare the four needed packages (for squeeze, wheezy,
sid and experimental), and will open a ticket for the first two ASAP.
Regards
David
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20130524/206b596d/attachment.pgp>
More information about the Secure-testing-team
mailing list