[Spip-maintainers] spip_2.1.1-3squeeze4_amd64.changes ACCEPTED into proposed-updates
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Sun Jul 29 18:02:08 UTC 2012
Notes:
Mapping stable to proposed-updates.
Accepted:
spip_2.1.1-3squeeze4.diff.gz
to main/s/spip/spip_2.1.1-3squeeze4.diff.gz
spip_2.1.1-3squeeze4.dsc
to main/s/spip/spip_2.1.1-3squeeze4.dsc
spip_2.1.1-3squeeze4_all.deb
to main/s/spip/spip_2.1.1-3squeeze4_all.deb
Changes:
spip (2.1.1-3squeeze4) stable; urgency=low
.
* Updated security screen to 1.1.3. Prevent cross site scripting on referer
(addresses missing bits of [CVE-2012-2151]), cross site scripting and PHP
injections in internal functions. Closes: #680118
* Backport patch from 2.1.14:
- fix XSS on password. Closes: #672961
* Backport patch from 2.1.15:
- fix XSS injection in variable name. Closes: #677290
Override entries for your package:
spip_2.1.1-3squeeze4.dsc - source web
spip_2.1.1-3squeeze4_all.deb - extra web
Announcing to debian-changes at lists.debian.org
Closing bugs: 672961 677290 680118
Thank you for your contribution to Debian.
More information about the Spip-maintainers
mailing list