Accepted mantis 0.19.2-4 (source)

Martin Pitt martin.pitt at ubuntu.com
Wed Sep 14 13:40:04 CDT 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Origin: Debian/unstable
Format: 1.7
Date: Wed,  14 Sep 2005 19:34:09 +0100
Source: mantis
Binary: mantis
Architecture: source
Version: 0.19.2-4
Distribution: breezy
Urgency: high
Maintainer: Hilko Bengen <bengen at debian.org>
Changed-By: Martin Pitt <martin.pitt at ubuntu.com>
Description: 
 mantis     - web-based bug tracking system
Changes: 
 mantis (0.19.2-4) stable-security; urgency=HIGH
 .
   * Maintainer upload for the security team
   * Fixes CAN-2005-2556
     - Mantis bug#0005956: Fixes "Database system scanner via variable
       poisoning" vulnerability
   * Fixes CAN-2005-2557
     - Mantis bug#0005959: Fixes cross-site-scripting vulnerability in
       view_all_set.php
     - Mantis bug#0006002: Fixes cross-site-scripting vulnerability in
       view_all_bug_page.php
   * Thanks to Joxean Koret <joxeankoret at yahoo.es> for pointing these
     issues out. Thanks to Glenn Henshaw <thraxisp4 at mac.com> for providing
     detailed information by sending the BTS entries per mail
     
     Unfortunately, to my knowledge, upstream developers have neither made
     those entries publicly available nor issued warnings after fixing the
     bugs.
Files: 
 645a849f54cada06624b040ca106310f 568 web optional mantis_0.19.2-4.dsc
 311c66f058bfd06ef02d97dc0dad4880 34601 web optional mantis_0.19.2-4.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iQEVAwUBQyhtIgF4adwMEr3XAQLeUgf+LGBzAQNdWML+bSkXec61n3KQHw29o+Fo
rmN3W30TwDPfyyneEfjhzHM5LdWEL1dhFu9pIj/78JSJgjWJSLLc5igK7avRIaaa
EsHzWE7QL2dzlkj5K/XMCjpRPaF+Wr2vpY3LwNwnAI74hDwAU8bNGvgVYTj3LTKi
0+gNFxKdQAjYpVgjbcwzP1kFQaNBlrAvQ1XVl6FayyQsKV7KxVaEuJ20FvFY/88D
UEb6Zn0n7y6jVwvlR/0K7dMEebz0FayYotbc362YqTv/C/DvGuhn0XxO6yQWQuh0
aj7fzVIodM+0lLDoxcgeuriT1JwTpikFPWX5JqC3GabVHoy9w3dshQ==
=P7h4
-----END PGP SIGNATURE-----


Accepted:
mantis_0.19.2-4.diff.gz
  to pool/universe/m/mantis/mantis_0.19.2-4.diff.gz
mantis_0.19.2-4.dsc
  to pool/universe/m/mantis/mantis_0.19.2-4.dsc




More information about the breezy-changes mailing list