Bug#499579: marked as done (horde3: New upstream version - includes XSS fix)

Sun, 21 Sep 2008 19:33:52 -0700 

Your message dated Mon, 22 Sep 2008 02:17:06 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#499579: fixed in horde3 3.2.2+debian0-1
has caused the Debian Bug report #499579,
regarding horde3: New upstream version - includes XSS fix
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)


-- 
499579: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=499579
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message --- 
Package: horde3
Version: 3.2.1+debian0-2
Severity: normal

New upstream version 3.2.2 released september 10 contains the following
in its release notes:

The major changes compared to the Horde version H3 (3.2.1) are:
     * Fixed unescaped output in the MIME library.
     * Further improved the XSS filter for HTML.


 - Jonas

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.27-rc6-amd64 (SMP w/2 CPU cores)
Locale: LANG=da_DK.UTF-8, LC_CTYPE=da_DK.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

--- End Message ---
--- Begin Message --- 
Source: horde3
Source-Version: 3.2.2+debian0-1

We believe that the bug you reported is fixed in the latest version of
horde3, which is due to be installed in the Debian FTP archive:

horde3_3.2.2+debian0-1.diff.gz
  to pool/main/h/horde3/horde3_3.2.2+debian0-1.diff.gz
horde3_3.2.2+debian0-1.dsc
  to pool/main/h/horde3/horde3_3.2.2+debian0-1.dsc
horde3_3.2.2+debian0-1_all.deb
  to pool/main/h/horde3/horde3_3.2.2+debian0-1_all.deb
horde3_3.2.2+debian0.orig.tar.gz
  to pool/main/h/horde3/horde3_3.2.2+debian0.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Gregory Colpart <[EMAIL PROTECTED]> (supplier of updated horde3 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Mon, 22 Sep 2008 03:28:05 +0200
Source: horde3
Binary: horde3
Architecture: source all
Version: 3.2.2+debian0-1
Distribution: unstable
Urgency: high
Maintainer: Horde Maintainers <[EMAIL PROTECTED]>
Changed-By: Gregory Colpart <[EMAIL PROTECTED]>
Description: 
 horde3     - horde web application framework
Closes: 493885 499001 499579
Changes: 
 horde3 (3.2.2+debian0-1) unstable; urgency=high
 .
   * New upstream release.
   * This version is mainly for fixing two security bugs: unescaped output in
     the MIME library and improve the XSS filter for HTML (See CVE-2008-3823 for
     more information). (Closes: #499579)
   * Add changelog entry with CVE ID in changelog for 3.2.1+debian0-1.
   * Fix misspelling in Recommends: field. (Closes: #499001)
   * Improve upgrade path Etch->Lenny with forcing to show diff of
     /etc/horde/horde3/registry.php because all horde components are now
     inactive by default. (Closes: #493885)
   * Change Gregory Colpart's email address in debian/control file.
Checksums-Sha1: 
 91b26cbcec230fe2e37befef8387b8a3d5281265 1360 horde3_3.2.2+debian0-1.dsc
 6a40d92aeb426bc3c0482eee0c812108d7146e81 7180761 
horde3_3.2.2+debian0.orig.tar.gz
 e6e7f0ab442dc1edb6356066927fbf7b128aa510 22754 horde3_3.2.2+debian0-1.diff.gz
 04adfab76ccf8820d7ca43e9387c24f5a81b5e4b 7215266 horde3_3.2.2+debian0-1_all.deb
Checksums-Sha256: 
 7b422275e85a423507194f3d0bf64b7ceb98fe4f0b148d4dceeca21479f2bb73 1360 
horde3_3.2.2+debian0-1.dsc
 d0b1eca52485799cc49383665f26fd123bcb6ab4ba9192cc666ae1e77167e416 7180761 
horde3_3.2.2+debian0.orig.tar.gz
 f80c5b85fce56855bf1ae9ca45b16ea8c97746a23b5f033de9c0ed806e9a3918 22754 
horde3_3.2.2+debian0-1.diff.gz
 b372b910eac5858aeff8d76471880beba849d56174a63a748915b1e46351c339 7215266 
horde3_3.2.2+debian0-1_all.deb
Files: 
 22cddcf86a4d75008ce35fe4047464d4 1360 web optional horde3_3.2.2+debian0-1.dsc
 fb22a594bbdad07a0fbeef035a6d2f39 7180761 web optional 
horde3_3.2.2+debian0.orig.tar.gz
 a441fb1f2642c687f452a71b1332f8d9 22754 web optional 
horde3_3.2.2+debian0-1.diff.gz
 7c5f98d6ca2fc93e968cb4e8d4b6ee80 7215266 web optional 
horde3_3.2.2+debian0-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkjW9lYACgkQMhdcDcECeg5I0QCeOSW6jZhPK5gEG5rO8/ZCJIeI
asgAnAiVirtYxEjAACpxekjYJCrcr2jX
=BhkM
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to