[ubuntu/trusty-security] extplorer 2.1.0b6+dfsg.3-4+deb7u3build0.14.04.1 (Accepted)
Steve Beattie
sbeattie at ubuntu.com
Thu Jun 30 20:22:14 UTC 2016
extplorer (2.1.0b6+dfsg.3-4+deb7u3build0.14.04.1) trusty-security; urgency=medium
* fake sync from Debian
extplorer (2.1.0b6+dfsg.3-4+deb7u3) wheezy-security; urgency=high
* Non-maintainer upload by the Wheezy LTS Team.
* CVE-2015-5660
Cross-site request forgery (CSRF) vulnerability allows remote
attackers to hijack the authentication of arbitrary users for
requests that execute PHP code.
extplorer (2.1.0b6+dfsg.3-4+deb7u2) wheezy-security; urgency=high
* Non-maintainer upload by the Wheezy LTS Team.
* Multiple cross-site scripting (XSS) vulnerabilities in eXtplorer
before 2.1.7 allow remote attackers to inject arbitrary web script
or HTML via unspecified vectors.
CVE-2015-0896 (Closes: #783231)
extplorer (2.1.0b6+dfsg.3-4+deb7u1) wheezy-security; urgency=low
* Upstream fix for XSS, path traversal and auth vulnerabilities.
Date: 2016-06-30 06:28:15.122913+00:00
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
https://launchpad.net/ubuntu/+source/extplorer/2.1.0b6+dfsg.3-4+deb7u3build0.14.04.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list