[ubuntu/oneiric] mantis 1.2.8-1 (Accepted)
Jamie Strandboge
jamie at ubuntu.com
Mon Sep 12 18:02:08 UTC 2011
mantis (1.2.8-1) unstable; urgency=medium
* Urgency medium: fixed serious bug (policy violations)
+ debian/mantis.config:
Allow set empty password in debconf config to prevent errors in
unattended installations (--frontend:Noninteractive --priority=critical)
(Closes: #640589)
* New Security Upstream Release (1.2.8)
* debian/README.Debian:
+ Added info about setting up custom variables.
* debian/patches:
+ dropped: Fixed in new upstream version (1.2.8)
Multiple vulnerabilities (LFI/XSS/Projax/PHPSELF)
000-Fix-640297-LFI-XSS-injection-bug-action-group-0.diff
000-Fix-640297-LFI-XSS-injection-bug-action-group-1.diff
000-Fix-640297-LFI-XSS-injection-via-PHPSELF.diff
000-Fix-640297-Projax-XSS-injection.diff
* debian/copyright: updated
* debian/mantis.lintian-overrides: added
mantis (1.2.7-1) unstable; urgency=high
* Security Upstream Release (1.2.7)
* Urgency high: Fixes critical LFI/XSS vulnerabilites
* debian/NEWS: updated
* debian/README.Debian: updated
* debian/doc/README.LDAP: updated
* debian/po debconf translations:
+ Added Swedish translation, thanks to
Martin Bagge (Closes: #640061)
+ Fixed Language Field: sv
* debian/patches:
+ dropped:
000-fix-security-bug-bts-638321-filterapi-multiple-XSS.diff
Bug fixed in new upstream release.
+ updated:
000-cleanup-gitignore-file-from-orignal-tarball.diff
+ added: Multiple vulnerabilities (LFI/XSS/Projax/PHPSELF)
Thanks to David Hicks, MantisBT developer. (Closes: #640297)
000-Fix-640297-LFI-XSS-injection-bug-action-group-0.diff
000-Fix-640297-LFI-XSS-injection-bug-action-group-1.diff
000-Fix-640297-LFI-XSS-injection-via-PHPSELF.diff
000-Fix-640297-Projax-XSS-injection.diff
Date: Mon, 12 Sep 2011 18:01:23 +0000
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Silvia Alvarez <sils at powered-by-linux.com>
Origin: Debian/unstable
https://launchpad.net/ubuntu/oneiric/+source/mantis/1.2.8-1
-------------- next part --------------
Origin: Debian/unstable
Format: 1.7
Date: Mon, 12 Sep 2011 18:01:23 +0000
Source: mantis
Binary: mantis
Architecture: source
Version: 1.2.8-1
Distribution: oneiric
Urgency: high
Maintainer: Silvia Alvarez <sils at powered-by-linux.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description:
mantis - web-based bug tracking system
Closes: 640061 640297 640589
Files:
1531030793810c28f4da32bb743948cd 3283526 web optional mantis_1.2.8.orig.tar.gz
4000e367b3fc8c6d7bbc23a692eb9fa2 1829 web optional mantis_1.2.8-1.dsc
afa9f3acbd4112007fe2d46b20b18964 52618 web optional mantis_1.2.8-1.debian.tar.gz
Changes:
mantis (1.2.8-1) unstable; urgency=medium
.
* Urgency medium: fixed serious bug (policy violations)
+ debian/mantis.config:
Allow set empty password in debconf config to prevent errors in
unattended installations (--frontend:Noninteractive --priority=critical)
(Closes: #640589)
* New Security Upstream Release (1.2.8)
* debian/README.Debian:
+ Added info about setting up custom variables.
* debian/patches:
+ dropped: Fixed in new upstream version (1.2.8)
Multiple vulnerabilities (LFI/XSS/Projax/PHPSELF)
000-Fix-640297-LFI-XSS-injection-bug-action-group-0.diff
000-Fix-640297-LFI-XSS-injection-bug-action-group-1.diff
000-Fix-640297-LFI-XSS-injection-via-PHPSELF.diff
000-Fix-640297-Projax-XSS-injection.diff
* debian/copyright: updated
* debian/mantis.lintian-overrides: added
.
mantis (1.2.7-1) unstable; urgency=high
.
* Security Upstream Release (1.2.7)
* Urgency high: Fixes critical LFI/XSS vulnerabilites
* debian/NEWS: updated
* debian/README.Debian: updated
* debian/doc/README.LDAP: updated
* debian/po debconf translations:
+ Added Swedish translation, thanks to
Martin Bagge (Closes: #640061)
+ Fixed Language Field: sv
* debian/patches:
+ dropped:
000-fix-security-bug-bts-638321-filterapi-multiple-XSS.diff
Bug fixed in new upstream release.
+ updated:
000-cleanup-gitignore-file-from-orignal-tarball.diff
+ added: Multiple vulnerabilities (LFI/XSS/Projax/PHPSELF)
Thanks to David Hicks, MantisBT developer. (Closes: #640297)
000-Fix-640297-LFI-XSS-injection-bug-action-group-0.diff
000-Fix-640297-LFI-XSS-injection-bug-action-group-1.diff
000-Fix-640297-LFI-XSS-injection-via-PHPSELF.diff
000-Fix-640297-Projax-XSS-injection.diff
More information about the Oneiric-changes
mailing list