[Bug 312882] [NEW] Please sync php-xajax (0.2.5-4) (universe) from debian unstable main.
Launchpad Bug Tracker
312882 at bugs.launchpad.net
Thu Jan 1 15:06:56 GMT 2009
You have been subscribed to a public bug by Steve Stalcup (vorian):
Binary package hint: php-xajax
Please sync the latest version from debian as it fixes a CVE.
Changelog since the current jaunty version:
php-xajax (0.2.5-4) unstable; urgency=medium
* Urgency set to medium since it possibly fixes a security bug,
check debian/patches/fix_cross-site_scripting_CVE-2007-2739.dpatch
for details.
* Bump Standards-Version to 3.8.0:
+ debian/control: Added Homepage field.
* debian/control
+ Added Vcs-Svn and Vcs-Browser fields.
+ Updated project homepage.
* Add dpatch support:
+ debian/control: added dpatch build-dependency
+ debian/rules: added patch/unpatch targets in clean/build
and include dpatch.make
+ debian/patches/fix_undefined_variable_sresponse.dpatch:
included previous fixes (0.2.5-2 and 0.2.5-3) as a patch
+ debian/patches/fix_cross-site_scripting_CVE-2007-2739.dpatch:
Fix properly cross-site scripting in URL input using htmlspecialchars
This fixes CVE-2007-2739 and Closes: #509024.
+ debian/patches/00list: created and included previous patches
* debian/rules: Link examples to /usr/share/doc/php-xajax/examples
and tests to /usr/share/php/tests/xajax (Closes: #391615).
They are still under /usr/share/php/xajax in order to be ready
to run out of the box.
* debian/README.Debian: mention the presence of examples and tests in
the package and the way to access them.
-- David Gil <dgil at telefonica.net> Thu, 25 Dec 2008 13:20:09 +0100
** Affects: php-xajax (Ubuntu)
Importance: Wishlist
Status: Confirmed
--
Please sync php-xajax (0.2.5-4) (universe) from debian unstable main.
https://bugs.edge.launchpad.net/bugs/312882
You received this bug notification because you are a member of Ubuntu Package Archive Administrators, which is a direct subscriber.
More information about the ubuntu-archive
mailing list