Your message dated Wed, 23 May 2007 15:02:46 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#420219: fixed in trac 0.10.4-1
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: trac
Version: 0.10.3-1
Tags: security

Please bump trac to 0.10.3.1 in 'testing' and 'unstable' because of these
two issues listed in the release announcement[1]:

* Always send "Content-Disposition: attachment" headers where
   potentially unsafe (user provided) content is available for download.
   This behaviour can be altered using the "render_unsafe_content"
   option in the "attachment" and "browser" sections of trac.ini.
* Fixed XSS vulnerability in "download wiki page as text" in
   combination with Microsoft IE. Reported by Yoshinori Oota, Business
   Architects Inc.

[1] Release Announcement
http://groups.google.com/group/trac-announce/browse_thread/thread/a0179f00ab
b51972

Attachment: smime.p7s
Description: S/MIME cryptographic signature


--- End Message ---
--- Begin Message ---
Source: trac
Source-Version: 0.10.4-1

We believe that the bug you reported is fixed in the latest version of
trac, which is due to be installed in the Debian FTP archive:

trac_0.10.4-1.diff.gz
  to pool/main/t/trac/trac_0.10.4-1.diff.gz
trac_0.10.4-1.dsc
  to pool/main/t/trac/trac_0.10.4-1.dsc
trac_0.10.4-1_all.deb
  to pool/main/t/trac/trac_0.10.4-1_all.deb
trac_0.10.4.orig.tar.gz
  to pool/main/t/trac/trac_0.10.4.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Luis Matos <[EMAIL PROTECTED]> (supplier of updated trac package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sun, 20 May 2007 22:46:56 +0100
Source: trac
Binary: trac
Architecture: source all
Version: 0.10.4-1
Distribution: unstable
Urgency: low
Maintainer: Jesus Climent <[EMAIL PROTECTED]>
Changed-By: Luis Matos <[EMAIL PROTECTED]>
Description: 
 trac       - Enhanced wiki and issue tracking system for software development 
Closes: 414134 420219 422409
Changes: 
 trac (0.10.4-1) unstable; urgency=low
 .
   * New upstream release (Closes: #414134, #420219)
   * Fixed typo in debian/copyright file (Closes: #422409)
Files: 
 4e5ead21be4462caf9057acfc1a56dab 714 web optional trac_0.10.4-1.dsc
 52a3a21ad9faafc3b59cbeb87d5a69d2 449116 web optional trac_0.10.4.orig.tar.gz
 2009747a16096be31dc3555c7da8a68a 8793 web optional trac_0.10.4-1.diff.gz
 da54e1801833494d78b7562c8ad29e59 386598 web optional trac_0.10.4-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGVFSfLqiZQEml+FURAiTXAJ9iq0VERRu2aDuG4bpUJz0U3+1NyACeKNxi
c9lGd396BhnGaOsW4ghXj78=
=BW5B
-----END PGP SIGNATURE-----


--- End Message ---

Reply via email to