Your message dated Mon, 09 Mar 2015 13:04:50 +0000
with message-id <[email protected]>
and subject line Bug#780100: fixed in tcllib 1.16-dfsg-2
has caused the Debian Bug report #780100,
regarding tcllib: XSS in html::textarea
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
780100: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780100
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: tcllib
Severity: important
Tags: security
Hi,
please see
https://www.sektioneins.de/en/advisories/advisory-012015-xss-tcllib-html-textarea.html
It would be nice if we could get that fixed in jessie.
Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: tcllib
Source-Version: 1.16-dfsg-2
We believe that the bug you reported is fixed in the latest version of
tcllib, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Sergei Golovan <[email protected]> (supplier of updated tcllib package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 09 Mar 2015 15:12:05 +0300
Source: tcllib
Binary: tcllib
Architecture: source all
Version: 1.16-dfsg-2
Distribution: unstable
Urgency: medium
Maintainer: Tcl/Tk Debian Packagers <[email protected]>
Changed-By: Sergei Golovan <[email protected]>
Description:
tcllib - Standard Tcl Library
Closes: 780100
Changes:
tcllib (1.16-dfsg-2) unstable; urgency=medium
.
* Added a patch from upstream which fixes an XSS vulnerability in
the html module for <textarea/> elements (closes: #780100).
Checksums-Sha1:
68bfcfce5ab51520f63394187296266a8e33af1f 1815 tcllib_1.16-dfsg-2.dsc
ccc97460432e3c82582d2d3872003951d1991e75 9340 tcllib_1.16-dfsg-2.debian.tar.xz
184a797ccc5223a1f0e3154c5df39f458c916d22 3950168 tcllib_1.16-dfsg-2_all.deb
Checksums-Sha256:
80a56178f0887759194d23f850ec4f3a34d47e6624186c0bc468dc74ecef8c50 1815
tcllib_1.16-dfsg-2.dsc
85538f8b6f6b442878a5fbbe6170fc3d5567aba306591940aade73c8a2184ee8 9340
tcllib_1.16-dfsg-2.debian.tar.xz
c09e438419d4c8cfc3af13e5c46ff4aa0df564d78597b41c3858ece5c11e53fd 3950168
tcllib_1.16-dfsg-2_all.deb
Files:
246005cbcdd551830f34538be5b1b733 1815 interpreters optional
tcllib_1.16-dfsg-2.dsc
1a795db10ded7d02b866e4171a0f88f1 9340 interpreters optional
tcllib_1.16-dfsg-2.debian.tar.xz
63148b60978dd101c821f40b3ccb979e 3950168 interpreters optional
tcllib_1.16-dfsg-2_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBVP2Wd1fnxjJPgTkdAQhmiw//VNSeeB28s5OOPfcBXbzVgznPviHcGbDJ
CRcUAvdF/zrDbMIMsNza9Rg7eOfFh+0YTT4RX2w0i05KYgftJ/3MJ+/k+hCpZcYg
1TAtYCSXh8rbqeV4axJ1+WZeF6HQDajKXJ7JAqMfXgcFXipyly1Og5vR9f7V/qEA
7UVlktGz9//Vob58z04b90GgHGllbPyX5Jlycv5b/hkhkzE/hI9H9JWl4ro5I+oB
QT25dYVqt7lzsPNUQuGo4KwCb5/QzNM5tRSgUeMvq4FngY8qqX/MHWcOZ3LVm2NX
qpQklfkTxRTEs9ODy6v+OyFkdmCEyyGXmC4rD9lIdFbJbLEa42LJLZ+r4vfNG7Hu
oHpJwQvOPm3fv/bXFxuQ5dncc9bO0wXT1IjcBwnJ2kkeMppELJ+KDCY9BZ4t7leu
+zE5Gbw4KqMsVctEtFTFLWS7AiHfVUol8XWC6Tw6n/UYQy2HqbcU8G+f0fpr8Sw4
XXGUJh+osOC+vBknH6eAMXoW50ZlxEUi77xZO4akwfadXco9Hhz0sQg8bfTvF2Kh
4iaGUkeV70fk3PTo5CMKumYpCJkGrR5MdsLJ8BUmjXmEtWQFlajV9PRZhEENWao4
PAhNXsWiRUXag867v0Oes4FAkliJ6nRS51OFkJEJSqL1/cv0gRA+4RB3jY0cIkh0
tOjPhIwzEco=
=zgX3
-----END PGP SIGNATURE-----
--- End Message ---
_______________________________________________
Pkg-tcltk-devel mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-tcltk-devel
