[ubuntu/natty] dtc 0.32.10-1 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Fri Mar 11 16:55:55 UTC 2011
dtc (0.32.10-1) unstable; urgency=low
* Re-releasing, because version 0.32.9 had a buggy bw_per_month.php (it was
never displayed).
dtc (0.32.9-1) unstable; urgency=low
* Fixes: CVE-2011-0434: SQL injection in bw_per_month.php graph
* Fixes: CVE-2011-0435: Bandwidth information disclosure in bw_per_month.php
graph.
* Fixes: CVE-2011-0436: Passwords being emailed to the admin in clear text
(Closes: #614302).
* Fixes: CVE-2011-0437: Removed dangerous SQL old unused code for ssh
accounts management.
dtc (0.32.8-1) unstable; urgency=low
* Removed the user_cronjob that shouldn't have been there at all.
dtc (0.32.7-1) unstable; urgency=low
* Removed all addslashes() calls for the graphs, replaced it with some double
quotes, so that l12n is working as expected (unbreaks graphs of 0.32.6).
dtc (0.32.6-1) unstable; urgency=low
* New upstream version fixing the following:
- Fixed the HELO in the daemon status so that it doesn't fail in CentOS.
- Fixed l12n of graphs using single quotes.
- Switched some add_slashes to mysql_real_escape_string.
Date: Fri, 11 Mar 2011 16:55:12 +0000
Changed-By: Thomas Goirand <thomas at goirand.fr>
Maintainer: Thomas Goirand <zigo at debian.org>
Origin: Debian/unstable
https://launchpad.net/ubuntu/natty/+source/dtc/0.32.10-1
-------------- next part --------------
Origin: Debian/unstable
Format: 1.7
Date: Fri, 11 Mar 2011 16:55:12 +0000
Source: dtc
Binary: dtc-common, dtc-dos-firewall, dtc-postfix-dovecot, dtc-core, dtc-cyrus, dtc-postfix-courier, dtc-stats-daemon, dtc-toaster, dtc-autodeploy
Architecture: source
Version: 0.32.10-1
Distribution: natty
Urgency: low
Maintainer: Thomas Goirand <zigo at debian.org>
Changed-By: Thomas Goirand <thomas at goirand.fr>
Closes: 614302
Files:
70f854b3fe7c6ccad3fd48fe72f5b210 12111999 admin extra dtc_0.32.10.orig.tar.gz
61c74e40fd53a439be1413f7a40239ab 98958 admin extra dtc_0.32.10-1.diff.gz
067c2f35d6085cbcde2431477bed8f5d 1253 admin extra dtc_0.32.10-1.dsc
Changes:
dtc (0.32.10-1) unstable; urgency=low
.
* Re-releasing, because version 0.32.9 had a buggy bw_per_month.php (it was
never displayed).
.
dtc (0.32.9-1) unstable; urgency=low
.
* Fixes: CVE-2011-0434: SQL injection in bw_per_month.php graph
* Fixes: CVE-2011-0435: Bandwidth information disclosure in bw_per_month.php
graph.
* Fixes: CVE-2011-0436: Passwords being emailed to the admin in clear text
(Closes: #614302).
* Fixes: CVE-2011-0437: Removed dangerous SQL old unused code for ssh
accounts management.
.
dtc (0.32.8-1) unstable; urgency=low
.
* Removed the user_cronjob that shouldn't have been there at all.
.
dtc (0.32.7-1) unstable; urgency=low
.
* Removed all addslashes() calls for the graphs, replaced it with some double
quotes, so that l12n is working as expected (unbreaks graphs of 0.32.6).
.
dtc (0.32.6-1) unstable; urgency=low
.
* New upstream version fixing the following:
- Fixed the HELO in the daemon status so that it doesn't fail in CentOS.
- Fixed l12n of graphs using single quotes.
- Switched some add_slashes to mysql_real_escape_string.
More information about the Natty-changes
mailing list