Bug#345288: mantis: Plethora of vulnerabilities

2006-01-06 Thread Thijs Kinkhorst
On Fri, January 6, 2006 06:48, Igor Genibel wrote: Please read the bugs filled against wnpp concerning mantis. It is already adopted and uploaded. Good to hear that. Especially with those vulnerabilities it's good when there's an active maintainer. BTW, are you considering of moving the

Bug#345288: mantis: Plethora of vulnerabilities

2006-01-05 Thread Igor Genibel
* Igor Genibel [EMAIL PROTECTED] [2006-01-04 14:40:19 +0100]: * Moritz Muehlenhoff [EMAIL PROTECTED] [2005-12-30 05:02:37 +0100]: Package: mantis Severity: grave Tags: security Justification: user security hole Hi all, I'm just taking over this package. I currently working on new

Bug#345288: mantis: Plethora of vulnerabilities

2006-01-04 Thread Igor Genibel
* Moritz Muehlenhoff [EMAIL PROTECTED] [2005-12-30 05:02:37 +0100]: Package: mantis Severity: grave Tags: security Justification: user security hole Hi all, I'm just taking over this package. I currently working on new upload. Please, be a little bit more patient :) -- Igor Genibel «Non

Bug#345288: mantis: Plethora of vulnerabilities

2006-01-02 Thread Moritz Muehlenhoff
Hilko Bengen wrote: Thijs Kinkhorst [EMAIL PROTECTED] writes: If/when I'll upload to unstable I'll orphan the package, unless Hilko wants to keep on maintaining it for now. Have said vulnerabilities been fixed in 0.19.4? If yes, I suppose I could do a quick uploead for unstable. It's

Bug#345288: mantis: Plethora of vulnerabilities

2006-01-02 Thread Hilko Bengen
Moritz Muehlenhoff [EMAIL PROTECTED] writes: Hilko Bengen wrote: Thijs Kinkhorst [EMAIL PROTECTED] writes: If/when I'll upload to unstable I'll orphan the package, unless Hilko wants to keep on maintaining it for now. Have said vulnerabilities been fixed in 0.19.4? If yes, I suppose I

Bug#345288: mantis: Plethora of vulnerabilities

2005-12-30 Thread Thijs Kinkhorst
On Fri, 2005-12-30 at 05:02 +0100, Moritz Muehlenhoff wrote: Lots of vulnerabilites have yet again been found in Mantis: Since I've taken care of the previous round of vulnerabilities, I'll take a look to see what I can do here, but provide no guarantees at this point. [Hilko, in another bug

Bug#345288: mantis: Plethora of vulnerabilities

2005-12-30 Thread Hilko Bengen
Thijs Kinkhorst [EMAIL PROTECTED] writes: If/when I'll upload to unstable I'll orphan the package, unless Hilko wants to keep on maintaining it for now. Have said vulnerabilities been fixed in 0.19.4? If yes, I suppose I could do a quick uploead for unstable. No, I do not want to keep

Bug#345288: mantis: Plethora of vulnerabilities

2005-12-29 Thread Moritz Muehlenhoff
Package: mantis Severity: grave Tags: security Justification: user security hole Lots of vulnerabilites have yet again been found in Mantis: CVE-2005-4524: Notes on private bugs may be leaked. CVE-2005-4523: Private bugs may be leaked through RSS feeds. CVE-2005-4522: XSS in