[Bug 631584] [NEW] Please sync mantis 1.1.8+dfsg-6 (universe) from Debian unstable (main).

Bhavani Shankar right2bhavi at gmail.com
Mon Sep 6 14:54:44 BST 2010 

Public bug reported:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 affects ubuntu/mantis
 status new
 importance wishlist
 subscribe ubuntu-sponsors

Please sync mantis 1.1.8+dfsg-6 (universe) from Debian unstable (main).

Please sync the current version from debian as it fixes CVE 
vulnerability

Changelog since current maverick version 1.1.8+dfsg-5:

mantis (1.1.8+dfsg-6) unstable; urgency=high

  * debian/patches:
    + Added 08-CVE-2010-2574.diff:  Fix for CVE-2010-2574 XSS 
      vulnerability when deleting categories that have been 
      maliciously named.(Closes: #595510)

 -- Silvia Alvarez <sils at powered-by-linux.com>  Sun, 05 Sep 2010
01:58:01 +0200


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFMhPRoUlfC4uPMy3QRAnSnAKDUg1ZD9BkVg8r7pLvH5ain9XLCXgCbByiQ
YN0AwS/Ah+VCkUFMyqN5Qe4=
=mp5g
-----END PGP SIGNATURE-----

** Affects: mantis (Ubuntu)
     Importance: Wishlist
         Status: New

-- 
Please sync mantis 1.1.8+dfsg-6 (universe) from Debian unstable (main).
https://bugs.launchpad.net/bugs/631584
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is a direct subscriber.

Status in “mantis” package in Ubuntu: New

Bug description:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 affects ubuntu/mantis
 status new
 importance wishlist
 subscribe ubuntu-sponsors

Please sync mantis 1.1.8+dfsg-6 (universe) from Debian unstable (main).

Please sync the current version from debian as it fixes CVE 
vulnerability

Changelog since current maverick version 1.1.8+dfsg-5:

mantis (1.1.8+dfsg-6) unstable; urgency=high

  * debian/patches:
    + Added 08-CVE-2010-2574.diff:  Fix for CVE-2010-2574 XSS 
      vulnerability when deleting categories that have been 
      maliciously named.(Closes: #595510)

 -- Silvia Alvarez <sils at powered-by-linux.com>  Sun, 05 Sep 2010 01:58:01 +0200


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFMhPRoUlfC4uPMy3QRAnSnAKDUg1ZD9BkVg8r7pLvH5ain9XLCXgCbByiQ
YN0AwS/Ah+VCkUFMyqN5Qe4=
=mp5g
-----END PGP SIGNATURE-----

More information about the Ubuntu-sponsors mailing list