Processed (with 5 errors): Re: Bug#689691: unblock: php-letodms-core/3.3.9-1
Processing commands for cont...@bugs.debian.org: reopen 689691 Bug #689691 {Done: Niels Thykier ni...@thykier.net} [release.debian.org] unblock: php-letodms-core/3.3.9-1 Bug reopened Ignoring request to alter fixed versions of bug #689691 to the same values previously set Hi, I comment bellow, El dom, 14-10-2012 a las 09:08 +0200, Niels Thykier escribió: On 2012-10-08 17:37, Francisco Manuel Garcia Claramonte wrote: Too many unknown commands, stopping here. Please contact me if you need assistance. -- 689691: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689691 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.c.13505841523813.transcr...@bugs.debian.org
Bug#689691: unblock: php-letodms-core/3.3.9-1
reopen 689691 Hi, I comment bellow, El dom, 14-10-2012 a las 09:08 +0200, Niels Thykier escribió: On 2012-10-08 17:37, Francisco Manuel Garcia Claramonte wrote: I have prepared a diff file from my GIT Debian development copy (just local copy). It shows all changes from 3.3.4-1 to 3.3.9-1 [1]. I have prepared another diff file with main changes, removed some unneeded diffs (in files as example), to easy review [2]. And a full debdiff [3] file. Much harder to review. Please tell me if you need anything else, or I can help you in some way. [1] http://people.debian.org/~francisco/letodms/php-letodms-core_3.3.4--3.3.9.git.diff [2] http://people.debian.org/~francisco/letodms/php-letodms-core_3.3.4--3.3.9.git-main_changes.diff [3] http://people.debian.org/~francisco/letodms/php-letodms-core_3.3.4--3.3.9.debdiff [1] and [2] where much much better than the full debdiff [3]. We found a bug in PHP source, I have patched the source package and upload to unstable. Attach the debdiff with the changes (very simple to review). Please, Could you unblock php-letodms-3.3.9-2. Thank you for your support. Regards, Francis Unblocked, thanks. ~Niels -- Francisco M. García Claramonte Debian GNU/Linux Developer franci...@debian.org GPG: public key ID 556ABA51 http://people.debian.org/~francisco/ diffstat for php-letodms-core-3.3.9 php-letodms-core-3.3.9 changelog|6 ++ patches/fix_classDMS_method.diff | 11 +++ patches/series |1 + 3 files changed, 18 insertions(+) diff -Nru php-letodms-core-3.3.9/debian/changelog php-letodms-core-3.3.9/debian/changelog --- php-letodms-core-3.3.9/debian/changelog 2012-09-20 11:58:11.0 +0200 +++ php-letodms-core-3.3.9/debian/changelog 2012-10-18 12:01:23.0 +0200 @@ -1,3 +1,9 @@ +php-letodms-core (3.3.9-2) unstable; urgency=low + + * Added debian patch fix_classDMS_method to fix a PHP source bug. + + -- Francisco Manuel Garcia Claramonte franci...@debian.org Thu, 18 Oct 2012 11:26:00 +0200 + php-letodms-core (3.3.9-1) unstable; urgency=low * New upstream release (More security fixes for preventing CSRF, XSS and sql diff -Nru php-letodms-core-3.3.9/debian/patches/fix_classDMS_method.diff php-letodms-core-3.3.9/debian/patches/fix_classDMS_method.diff --- php-letodms-core-3.3.9/debian/patches/fix_classDMS_method.diff 1970-01-01 01:00:00.0 +0100 +++ php-letodms-core-3.3.9/debian/patches/fix_classDMS_method.diff 2012-10-18 11:21:52.0 +0200 @@ -0,0 +1,11 @@ +--- a/LetoDMS_Core-3.3.9/Core/inc.ClassDMS.php b/LetoDMS_Core-3.3.9/Core/inc.ClassDMS.php +@@ -1139,7 +1139,7 @@ + if (is_object($this-getDocumentCategoryByName($name))) { + return false; + } +- $queryStr = INSERT INTO tblCategory (name) VALUES (.$this-db-qstr($name).); ++ $queryStr = INSERT INTO tblCategory (name) VALUES (.$this-db-qstr($name).); + if (!$this-db-getResult($queryStr)) + return false; + diff -Nru php-letodms-core-3.3.9/debian/patches/series php-letodms-core-3.3.9/debian/patches/series --- php-letodms-core-3.3.9/debian/patches/series1970-01-01 01:00:00.0 +0100 +++ php-letodms-core-3.3.9/debian/patches/series2012-10-18 11:20:23.0 +0200 @@ -0,0 +1 @@ +fix_classDMS_method.diff signature.asc Description: This is a digitally signed message part
Bug#689691: unblock: php-letodms-core/3.3.9-1
Hi Niels, Thanks for your support. I comment below. El sáb, 06-10-2012 a las 11:38 +0200, Niels Thykier escribió: Control: tags -1 moreinfo On 2012-10-05 10:12, Francisco Manuel Garcia Claramonte wrote: Subject: unblock: php-letodms-core/3.3.9-1 Package: release.debian.org User: release.debian@packages.debian.org Usertags: unblock Severity: normal Please unblock package php-letodms-core The current letodms version in testing (3.3.4-1) has some important security vulnerabilities. New php-letodms-core-3.3.9-1 fixes all these issues. unblock php-letodms-core/3.3.9-1 Thank you, Regards, Francisco. Can you please attach a debdiff of the actual changes. Particularly it would be very useful for us if the changes were not remove all files from 3.3.4 and add all files in 3.3.9[1]. Yes, the debdiff is a bit confusing because on each release the directory LetoDMS_Core-3.3.X is replaced fully by LetoDMS_Core-3.3.[X+1] Most changes in LetoDMS_Core-3.3.9/Core/*.php are just a version update in headers. Example: -- LetoDMS_Core-3.3.9/Core/inc.AccessUtils.php -- similarity index 96% rename from LetoDMS_Core-3.3.4/Core/inc.AccessUtils.php rename to LetoDMS_Core-3.3.9/Core/inc.AccessUtils.php index 9a97aa4..1613cec 100644 @@ -8,9 +8,9 @@ - * @versionRelease: 3.3.4 + * @versionRelease: 3.3.9 */ I have prepared a diff file from my GIT Debian development copy (just local copy). It shows all changes from 3.3.4-1 to 3.3.9-1 [1]. I have prepared another diff file with main changes, removed some unneeded diffs (in files as example), to easy review [2]. And a full debdiff [3] file. Much harder to review. Please tell me if you need anything else, or I can help you in some way. [1] http://people.debian.org/~francisco/letodms/php-letodms-core_3.3.4--3.3.9.git.diff [2] http://people.debian.org/~francisco/letodms/php-letodms-core_3.3.4--3.3.9.git-main_changes.diff [3] http://people.debian.org/~francisco/letodms/php-letodms-core_3.3.4--3.3.9.debdiff Regards, Francisco -- Francisco M. García Claramonte Debian GNU/Linux Developer franci...@debian.org GPG: public key ID 556ABA51 http://people.debian.org/~francisco/ signature.asc Description: This is a digitally signed message part
Bug#689691: unblock: php-letodms-core/3.3.9-1
Control: tags -1 moreinfo On 2012-10-05 10:12, Francisco Manuel Garcia Claramonte wrote: Subject: unblock: php-letodms-core/3.3.9-1 Package: release.debian.org User: release.debian@packages.debian.org Usertags: unblock Severity: normal Please unblock package php-letodms-core The current letodms version in testing (3.3.4-1) has some important security vulnerabilities. New php-letodms-core-3.3.9-1 fixes all these issues. unblock php-letodms-core/3.3.9-1 Thank you, Regards, Francisco. Can you please attach a debdiff of the actual changes. Particularly it would be very useful for us if the changes were not remove all files from 3.3.4 and add all files in 3.3.9[1]. ~Niels [1] The diff we get is 33 files changed, 7519 insertions(+), 7376 deletions(-) and next to useless for us to review. -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/506ffc25.3020...@thykier.net
Processed: Re: Bug#689691: unblock: php-letodms-core/3.3.9-1
Processing control commands: tags -1 moreinfo Bug #689691 [release.debian.org] unblock: php-letodms-core/3.3.9-1 Added tag(s) moreinfo. -- 689691: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=689691 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.b689691.134951633323353.transcr...@bugs.debian.org
Bug#689691: unblock: php-letodms-core/3.3.9-1
Subject: unblock: php-letodms-core/3.3.9-1 Package: release.debian.org User: release.debian@packages.debian.org Usertags: unblock Severity: normal Please unblock package php-letodms-core The current letodms version in testing (3.3.4-1) has some important security vulnerabilities. New php-letodms-core-3.3.9-1 fixes all these issues. unblock php-letodms-core/3.3.9-1 Thank you, Regards, Francisco. -- Francisco M. García Claramonte Debian GNU/Linux Developer franci...@debian.org GPG: public key ID 556ABA51 http://people.debian.org/~francisco/ signature.asc Description: This is a digitally signed message part