mantis (1.2.8-1) unstable; urgency=medium
* Urgency medium: fixed serious bug (policy violations)
+ debian/mantis.config:
Allow set empty password in debconf config to prevent errors in
unattended installations (--frontend:Noninteractive --priority=critical)
(Closes: #640589)
* New Security Upstream Release (1.2.8)
* debian/README.Debian:
+ Added info about setting up custom variables.
* debian/patches:
+ dropped: Fixed in new upstream version (1.2.8)
Multiple vulnerabilities (LFI/XSS/Projax/PHPSELF)
000-Fix-640297-LFI-XSS-injection-bug-action-group-0.diff
000-Fix-640297-LFI-XSS-injection-bug-action-group-1.diff
000-Fix-640297-LFI-XSS-injection-via-PHPSELF.diff
000-Fix-640297-Projax-XSS-injection.diff
* debian/copyright: updated
* debian/mantis.lintian-overrides: added
mantis (1.2.7-1) unstable; urgency=high
* Security Upstream Release (1.2.7)
* Urgency high: Fixes critical LFI/XSS vulnerabilites
* debian/NEWS: updated
* debian/README.Debian: updated
* debian/doc/README.LDAP: updated
* debian/po debconf translations:
+ Added Swedish translation, thanks to
Martin Bagge (Closes: #640061)
+ Fixed Language Field: sv
* debian/patches:
+ dropped:
000-fix-security-bug-bts-638321-filterapi-multiple-XSS.diff
Bug fixed in new upstream release.
+ updated:
000-cleanup-gitignore-file-from-orignal-tarball.diff
+ added: Multiple vulnerabilities (LFI/XSS/Projax/PHPSELF)
Thanks to David Hicks, MantisBT developer. (Closes: #640297)
000-Fix-640297-LFI-XSS-injection-bug-action-group-0.diff
000-Fix-640297-LFI-XSS-injection-bug-action-group-1.diff
000-Fix-640297-LFI-XSS-injection-via-PHPSELF.diff
000-Fix-640297-Projax-XSS-injection.diff
Date: Mon, 12 Sep 2011 18:01:23 +0000
Changed-By: Jamie Strandboge <[email protected]>
Maintainer: Silvia Alvarez <[email protected]>
Origin: Debian/unstable
https://launchpad.net/ubuntu/oneiric/+source/mantis/1.2.8-1
Origin: Debian/unstable
Format: 1.7
Date: Mon, 12 Sep 2011 18:01:23 +0000
Source: mantis
Binary: mantis
Architecture: source
Version: 1.2.8-1
Distribution: oneiric
Urgency: high
Maintainer: Silvia Alvarez <[email protected]>
Changed-By: Jamie Strandboge <[email protected]>
Description:
mantis - web-based bug tracking system
Closes: 640061 640297 640589
Files:
1531030793810c28f4da32bb743948cd 3283526 web optional mantis_1.2.8.orig.tar.gz
4000e367b3fc8c6d7bbc23a692eb9fa2 1829 web optional mantis_1.2.8-1.dsc
afa9f3acbd4112007fe2d46b20b18964 52618 web optional
mantis_1.2.8-1.debian.tar.gz
Changes:
mantis (1.2.8-1) unstable; urgency=medium
.
* Urgency medium: fixed serious bug (policy violations)
+ debian/mantis.config:
Allow set empty password in debconf config to prevent errors in
unattended installations (--frontend:Noninteractive --priority=critical)
(Closes: #640589)
* New Security Upstream Release (1.2.8)
* debian/README.Debian:
+ Added info about setting up custom variables.
* debian/patches:
+ dropped: Fixed in new upstream version (1.2.8)
Multiple vulnerabilities (LFI/XSS/Projax/PHPSELF)
000-Fix-640297-LFI-XSS-injection-bug-action-group-0.diff
000-Fix-640297-LFI-XSS-injection-bug-action-group-1.diff
000-Fix-640297-LFI-XSS-injection-via-PHPSELF.diff
000-Fix-640297-Projax-XSS-injection.diff
* debian/copyright: updated
* debian/mantis.lintian-overrides: added
.
mantis (1.2.7-1) unstable; urgency=high
.
* Security Upstream Release (1.2.7)
* Urgency high: Fixes critical LFI/XSS vulnerabilites
* debian/NEWS: updated
* debian/README.Debian: updated
* debian/doc/README.LDAP: updated
* debian/po debconf translations:
+ Added Swedish translation, thanks to
Martin Bagge (Closes: #640061)
+ Fixed Language Field: sv
* debian/patches:
+ dropped:
000-fix-security-bug-bts-638321-filterapi-multiple-XSS.diff
Bug fixed in new upstream release.
+ updated:
000-cleanup-gitignore-file-from-orignal-tarball.diff
+ added: Multiple vulnerabilities (LFI/XSS/Projax/PHPSELF)
Thanks to David Hicks, MantisBT developer. (Closes: #640297)
000-Fix-640297-LFI-XSS-injection-bug-action-group-0.diff
000-Fix-640297-LFI-XSS-injection-bug-action-group-1.diff
000-Fix-640297-LFI-XSS-injection-via-PHPSELF.diff
000-Fix-640297-Projax-XSS-injection.diff
--
Oneiric-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/oneiric-changes
