-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 12 Jan 2016 09:17:35 +0530 Source: radicale Binary: radicale python-radicale python3-radicale Architecture: source all Version: 1.1.1-1 Distribution: unstable Urgency: medium Maintainer: Jonas Smedegaard <d...@jones.dk> Changed-By: Jonas Smedegaard <d...@jones.dk> Description: python-radicale - simple calendar and addressbook server - python2 module python3-radicale - simple calendar and addressbook server - python3 module radicale - simple calendar and addressbook server - daemon Closes: 809920 Changes: radicale (1.1.1-1) unstable; urgency=medium . [ upstream ] * New release(s). Changed functionality: + Use the first matching section for rights. Security fixes: + Improve the regex used for well-known URIs. + Prevent regex injection in rights management. + Prevent crafted HTTP request from calling arbitrary functions. + Improve URI sanitation and conversion to filesystem path. + Decouple the daemon from its parent environment. Closes: bug#809920 (CVE-2015-8747 CVE-2015-8748). Thanks to Felix Knecht. Bugfixes and minor enhancements: + Assign new items to correct key. + Avoid race condition in PID file creation. + Improve the docker version. + Encode message and committer for git commits. + Test with Python 3.5. . [ Jonas Smedegaard ] * Update TODOs. * Add NEWS entry about changed access rights parsing logic. * Drop patches now included upstream. Checksums-Sha1: fb0e4f2f2b7f655c6563c122fa56da7c2b8f6286 2132 radicale_1.1.1-1.dsc cff3e6df3e55ac4534a826cb246a92591b1be1ec 52208 radicale_1.1.1.orig.tar.gz 58ff3df1eedd5a654325e453c640bc4bd9b8dfc5 20444 radicale_1.1.1-1.debian.tar.xz 8db29698c79e71f119ac0bcf8c20bab9fff8c60e 36822 python-radicale_1.1.1-1_all.deb 5b0821e8f13d808c85eea8681f49b825d495de2b 36636 python3-radicale_1.1.1-1_all.deb d50beb6e0d947c8b75490cedac236e1811b2556a 28086 radicale_1.1.1-1_all.deb Checksums-Sha256: 6e0a9971a68aeeba49fe9b614e39f500d5c9648d6a8ff47b7b8c9a92d87f53fa 2132 radicale_1.1.1-1.dsc f978e6bdfab329a8d2d643584f02c4d2788a44b360ed4c326dea9e2735df81f6 52208 radicale_1.1.1.orig.tar.gz ea06661a6a71047daf1500a5aea0c275a0f15929c8dee4bb59858144c2afb2f0 20444 radicale_1.1.1-1.debian.tar.xz 7e30f8c5b4debac2e5d346dd352c8250bfaec02533ec15f4bf98ca0824dcefb4 36822 python-radicale_1.1.1-1_all.deb b9e0f029a49a5dd813d8e519ddc695c02c31d8d4068ded19961d51b96804b727 36636 python3-radicale_1.1.1-1_all.deb 72d9343aa719420a2d2796d7c2310c49ef978b07afe340300a6a515525ff83d0 28086 radicale_1.1.1-1_all.deb Files: 9721bfa07a59418c0eb963d50261597d 2132 web optional radicale_1.1.1-1.dsc aeb388f24cd64e75dda2c03c6b7ede18 52208 web optional radicale_1.1.1.orig.tar.gz 41dc5b20f0c7fb3227caeacb09f05c46 20444 web optional radicale_1.1.1-1.debian.tar.xz 30223b247f5a47984434d91f22d5674f 36822 python optional python-radicale_1.1.1-1_all.deb 362b70813a60a74c7dbe11f12aeedfc2 36636 python optional python3-radicale_1.1.1-1_all.deb c1293afb8966c8d9d5700f0ffbdff40a 28086 web optional radicale_1.1.1-1_all.deb
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJWlHr5AAoJECx8MUbBoAEhBlIP/RFc1KMpRF1+JCa4dKSTQzT+ RQ08MtLzljGAw1fzAM/8jibep1odx8uvhtXnKrNt2A3TNKnj2sLjo2Of+utTE0qQ AIpQNfrtsEU8k4xKcueEsbJYokJVoQOj0LGsJMzzOdnSQBfZXu3PmiZPv5uh0C27 mc+ryz2v8TTL2HeZlk8D5mhU17WlVVpNxBRfvDN/X9JiETQXlUvLYHIep/TDLLYe 3bJoGPdj96D1LnFIYXOCQjy+ixJJtaWA3kUarb2ov8O39klJ/I1T9T2lj3nBobQZ BBjZksGtwQVMGeBMTZiRl1aXHrQikwqmVW4PUnQtKDqtWMWZp+Co5f6whX2mxUJN JMecT7qsHdfxYfvEYmUf7Xt9hWeCyBDRzSkmAMfkOwk7Ammn9mAHtiOAsUG6woJ+ h8dV0qp/l7uORB06m2yHPp/qCzzZcPNiXkSlqCf+vltCce+1dyPCeLVnvNBvRK8p r1DwEtm7kWRi9Wd42mupRZOVM93hpivoljgD6pWjynC16MDAAbdGkU7c/cN/K6kz a0NB3MupnK/nDte7ebGUja9jScO9GTzvh8PpA34Wbi2VsmGFz/xutS7yV8fhwpns Isyf6TgihkAH8i0cXOB7rESjluWpGcdXjfUOu6r+xqS+ELLSaljZ4RWzCD8eODWW 1C5XjLGmsMweWlw+89XS =ahBN -----END PGP SIGNATURE-----