Your message dated Tue, 15 May 2012 02:56:32 +0000
with message-id <[email protected]>
and subject line Bug#672961: fixed in spip 2.1.14-1
has caused the Debian Bug report #672961,
regarding SPIP: Cross-site scripting fixed in new upstream release
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
672961: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=672961
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: spip
Version: 2.1.13-1
Severity: grave
Tags: security upstream
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hi,
Upstream, just released a new version, fixing two cross-site scripting
vulnerabilities.
The stable security update is ready [rt.debian.org #3837].
- -- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1,
'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-2-amd64 (SMP w/1 CPU core)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages spip depends on:
ii apache2 2.4.2-1
ii apache2-bin [httpd] 2.4.2-1
ii cherokee [httpd] 1.2.101-1
ii debconf [debconf-2.0] 1.5.43
ii fonts-dustin 20030517-9
ii libjs-jquery 1.7.2-1
ii libjs-jquery-cookie 5-1
ii libjs-jquery-form 5-1
ii php-html-safe 0.10.1-1
ii php5 5.4.3-1
ii php5-mysql 5.4.3-1
Versions of packages spip recommends:
ii imagemagick 8:6.7.4.0-5
ii mysql-server 5.5.23-2
ii netpbm 2:10.0-15+b1
spip suggests no packages.
- -- debconf information excluded
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBCAAGBQJPsZL9AAoJELgqIXr9/gny5Q0QALMCRA10/ObfwBIkngPozuDL
1kmWBe6DWKdnN5u5EezIPl8RBqdLTSyo1YC4KGE+R/Thh6kg8TyhlToUtqiTIqyl
O5uxnb5zqekSY8bkIniL/OZVkLVMu9PdzFARCUbj4ZOZLyIpyI25RNg9AkqhQ++U
6VBTruXI1+2/L/R5DXpgo3uzIjinqnJGG3jwKVlkJ7ijDMh62eaYmaX4MmAJNLKG
Qkd44YRpFvNj5vOVPkZ713/A0brAs4a21Lbl0LjGacvKGplJY0sNifu3l+lO1wvI
Wa7Zlb2GLiyUxYBPulOU4+VhIR/Cmk3HDmk+osq+Bacn2A5DRRgCIo5VjTz3SzV0
VgfJrfKIaA9oDCV3ZYkg0JhFrXyHBA4f9OIi18y231btTMEIzYRg84BJiT0bYoJc
gUykTzClPb1E3ONqpKcARg0Q/74tiaoZcaDijx1TD+LNEbd32Llly0RbGPPTU8/v
mvzmMXjyLGcCa9ZtWsm7Is/mobVrsy9lC1z9ZVpmZRotG2ZXgatQ1eAW8FsU/+5+
ib/hofk7C/8scIrmYeJywwe9pn6YRdO/LSSaztYGx+DFJxD646TuT1Gb+5ijJIO4
FxC14CLTkUo/EdtWcBa6McoEMttMpBBhanqrVf+2uQ0xg3RtdMUpgnWGul6DqnxN
V0rpvMDYvNbEt8Wv59Lg
=Ff/4
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
Source: spip
Source-Version: 2.1.14-1
We believe that the bug you reported is fixed in the latest version of
spip, which is due to be installed in the Debian FTP archive:
spip_2.1.14-1.debian.tar.gz
to main/s/spip/spip_2.1.14-1.debian.tar.gz
spip_2.1.14-1.dsc
to main/s/spip/spip_2.1.14-1.dsc
spip_2.1.14-1_all.deb
to main/s/spip/spip_2.1.14-1_all.deb
spip_2.1.14.orig.tar.gz
to main/s/spip/spip_2.1.14.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
David Prévot <[email protected]> (supplier of updated spip package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 14 May 2012 21:12:03 -0400
Source: spip
Binary: spip
Architecture: source all
Version: 2.1.14-1
Distribution: unstable
Urgency: low
Maintainer: SPIP packaging team <[email protected]>
Changed-By: David Prévot <[email protected]>
Description:
spip - website engine for publishing
Closes: 672961
Changes:
spip (2.1.14-1) unstable; urgency=low
.
* New upstream version, fixes cross site scripting.
Closes: #672961
* Update security screen file to 1.1.0.
* Add CVE number to previous entry (#671264 related).
Checksums-Sha1:
3de79f5facb6010d75f3583652d9bc14dfe98d7e 1897 spip_2.1.14-1.dsc
4220cd013dbb1807c18e6361386472d8575baf84 3942709 spip_2.1.14.orig.tar.gz
5f79442fb681916f8ac302fcd33a3124a0068455 59523 spip_2.1.14-1.debian.tar.gz
061c73060a6d7d835cde5af1ff41b74e6fe4d248 3866950 spip_2.1.14-1_all.deb
Checksums-Sha256:
4b6ec5fd431edfa76a5686b3e1b531b57a94335438aa71486a3fcd218da4a365 1897
spip_2.1.14-1.dsc
ca988175cebfc49b6771f7a1e430f665c77619afcf381c7d432e37869d01a5bc 3942709
spip_2.1.14.orig.tar.gz
4d5f639259d12d9fc86501a2685f4fee7bf563d1cbac5a0d2c4b69231cae9f41 59523
spip_2.1.14-1.debian.tar.gz
ae9134a667b5e94c113f1f1bc853103faebe46b88ed738750920b861097eed0d 3866950
spip_2.1.14-1_all.deb
Files:
8cfdb402c6e1edcddb7487902d2ebc4d 1897 web extra spip_2.1.14-1.dsc
0069dca77773381bcf345fbe23d5b8c2 3942709 web extra spip_2.1.14.orig.tar.gz
ea5e4cbcc8d4aa7e51ed1df5cac60dc5 59523 web extra spip_2.1.14-1.debian.tar.gz
dbc80facf700463417d75ec8303c217c 3866950 web extra spip_2.1.14-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBCAAGBQJPsa7WAAoJELgqIXr9/gnyg1oP/3BB0HhlDg4s0cfJMEnoluG4
7EiOQM9DDgxD75YHGSgB173CGcEuR3Nbgixnz3Vyx9P/OE6be5k6EoPxGc0cYIzs
Re9bbBrFjyaK19O+QJXMKh2KnqhiGovl2BWzkp+Moi5UjkbP0mF97vDCIpvjX2ZG
7SsXqtXwF3T6VOteTlFUbzHkcDbVhgWdCjsvehxDywNdJvXUbpb7h/xzYPjTitBe
lKGulA56vSy3PhSkTJRC5s8lFb/hqNixfxiX/hBV3+IWugZ+S1QprLgIhljzqHpj
YLm/sZu0nhVf1TbpSTMfvqQH3nmjwh97HY0w99DMC611sReBnZXaEfY6QrntVCza
7U8XVdYFhGYYdtq9TMwNoVvPE4p304VW4LzQRyUYFfoidTsN/n/JwiDyqpiYtsp2
/rjJmYiTvU5t2LcZ2pR9G5wp5q+umC5OhhggZynAeQO4GYhHjd5d/pbiENQ4N0yk
bsnmbfJ1baK8pr8t2GULJJIGZicOPsfhSfNAW4i4OzZxb8+kdhOXieVsjBBUwjWq
rjC1lG7OcQtPA623IYGuLx3DxTdmwhh61myesP0lHnIuKBFp2/f3WTS8MLPmZzLI
25btyEVI7yePYOhYLWB1MNWUXplbo88wYb3p0SLaOXwKEPch6fJPO1XfbzEYZtl2
YZRBH7785Yy8mizF7np4
=RaFN
-----END PGP SIGNATURE-----
--- End Message ---
