Your message dated Thu, 02 Aug 2012 17:18:04 +0000
with message-id <[email protected]>
and subject line Bug#683667: fixed in spip 2.1.17-1
has caused the Debian Bug report #683667,
regarding Base name disclosure fixed in new 2.1.17 upstream release
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
683667: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683667
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: spip
Version: 2.1.16-1
Severity: important
Tags: security patch upstream
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Upstream just released a new version, fixing a security issue (base name
disclosure). I'll upload the 2.1.17-1 package today, and will backport
the fix for stable.
Regards
David
- -- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1,
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.2.0-3-amd64 (SMP w/1 CPU core)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages spip depends on:
ii apache2 2.4.2-1
ii apache2-bin [httpd] 2.4.2-1
ii cherokee [httpd] 1.2.101-1
ii debconf [debconf-2.0] 1.5.45+nmu1
ii fonts-dustin 20030517-9
ii libjs-jquery 1.7.2+debian-2
ii libjs-jquery-cookie 6-1
ii libjs-jquery-form 6-1
ii php-html-safe 0.10.1-1
ii php5 5.4.4-3
ii php5-mysql 5.4.4-3
Versions of packages spip recommends:
ii imagemagick 8:6.7.7.10-3
ii mysql-server 5.5.24+dfsg-6
ii netpbm 2:10.0-15+b1
spip suggests no packages.
- -- debconf information excluded
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBCAAGBQJQGqsVAAoJELgqIXr9/gnyQoAP/2snMGIL4ivhpgSlAuioPtPo
KQevqvwZFYcx/5PMGFVaZFwWtrhpWMmTuS+ak/ua8C6QE0HFJUx67HhaI8GeQoht
wClL/ezCsCSopYfytilfyAQTA3AoxiapUFZmUxGex1v9a2yc0uMsrvD9G5RbQpga
GgQt4DeI3+OcLQAInDe5lUO5XuKiJLmvtazjJsWIyxFvO1O1HW8xj2OHhx+0PiWS
Vhgl4Nh5t5Jdk1rLD4rkaDC/y/84Ou23ysx9eNXjFXOITI/Qei3lQIsYYFc9cUzf
WA15uEJQhJj+VEBVPnGzeAtR6pqFidsZnQiYjokqhbvt4juo7OIIafixkRnwt9jm
gezkBd7Wu+7G7JviIVX4TKaZYlQd89IvZSd71MHlaBSE0aFdEY+6zkug+Tq7rVs4
gczl7RGI1AgCb2DoN4slF90dVADhwX5huPlDMpQmaIH9/T3o5Vg4pNUE7aLzFmAy
wQDWiT1ps6ZDfeYfr2N4Vz+mjuwQXnJUxLect5HWyOxbl/AO4x/elqN/qa3piGny
TBnnTdEbH8YcxSjb+LyQFiaXXkWQ9/QxjE4nyhJB+StsOkxWAoiDXxF1z5zNC4Ic
QTpPF1K/CKUlvVDtcOJ+EZ1AFexV0fiFhD5vhUO8I0fjaDK3nIdopJxUPp46+FE3
2aOd0z+Cw4tjw9MvgUg4
=xlxv
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
Source: spip
Source-Version: 2.1.17-1
We believe that the bug you reported is fixed in the latest version of
spip, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
David Prévot <[email protected]> (supplier of updated spip package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 02 Aug 2012 12:34:29 -0400
Source: spip
Binary: spip
Architecture: source all
Version: 2.1.17-1
Distribution: unstable
Urgency: low
Maintainer: SPIP packaging team <[email protected]>
Changed-By: David Prévot <[email protected]>
Description:
spip - website engine for publishing
Closes: 683667
Changes:
spip (2.1.17-1) unstable; urgency=low
.
* New upstream version, fixes base disclosure (Closes: #683667).
Checksums-Sha1:
46cee14fd6ac811d1ce21275243bf0eaf2ec9935 1897 spip_2.1.17-1.dsc
1ffa6bd54ef948a46013eac44abfe83de6407a8b 3943630 spip_2.1.17.orig.tar.gz
490c00875cec8133c1d2b69801f03bcbc2584e86 61556 spip_2.1.17-1.debian.tar.gz
e354f70dd2acb288641cdcbb178ba3178803655d 3869902 spip_2.1.17-1_all.deb
Checksums-Sha256:
c41ecffc2c761f35c99816a0149fbd287dddcbb46ff5ccb65c1343aa3528d1d4 1897
spip_2.1.17-1.dsc
85561b476df35597944eff9d6cab02ed04014c61a06737f67c6b8233e45e257b 3943630
spip_2.1.17.orig.tar.gz
335cabb5c46f9520f13277b522a920a77f619a51d2671f442967b65c73cd342b 61556
spip_2.1.17-1.debian.tar.gz
6abd0c3db671e17b8765404698d1d93afb17503189c797e4d095028ee03d97e4 3869902
spip_2.1.17-1_all.deb
Files:
53316a16773bcf928f60e2dc8857d0c7 1897 web extra spip_2.1.17-1.dsc
1962bd0e543eabbddd60d045f8aab6ba 3943630 web extra spip_2.1.17.orig.tar.gz
c4abc78e67bb2f120a4524266cbf0aa5 61556 web extra spip_2.1.17-1.debian.tar.gz
6d04bf9d29d205cb5a239dadd5919a07 3869902 web extra spip_2.1.17-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBCAAGBQJQGq1FAAoJELgqIXr9/gnyZewQAKrkptAWUXdurGI/WfysMrbG
+7hPvlwv2+Leb1oG0/y7aFl01OfdwHASkeH9NNGlskzC0KSW1Algn3/fmiJ3cnxi
vus3mkSGMLXQByfKmPkZW4lGaAyXnXEpT2ioNztgwb811ziV5zk54adIqGax7T0J
6ofbZqahEmN4YErhWiMRKnJujJURGVew+D5lsTH8blx2pchma9N1pSaJ0nO/hFQU
DsxZHRDL/Mzd0SHNIGtJR8w5IHros5yModH5VLIhBmVIQctJFxHCRdISeKfNU9KS
VSUr7ED9teKP/xVrml7L2aG+cOzYqo9AQcwv84guUyDQPCk+PpDmPGt4i/Q67QQf
rCf2AXq1G/mJa9iuDdSB60fdpLavUtF8IZRhP8k3RwD3fYg46Dvl3aA+j1ZbALaY
RUrWoI+LVjGcRHWQgIoNWjiNv9JmcMQ+o/AFZLcWR1U5tlzwRg1sAXQ0WrhRoZ0k
Ps3s4dJmMwRy0VqKcByB4XfczLlBA+A+XlRzTG6RRahN46VrJlVbt/4LJMkDUo2u
ehHlRWSoSENuTEc4h/jX2jg5abJDliRHfRyn81WErd2hsTe+EOv1nXREdTC0FNDw
H56bP6A5ZqVnMRTh8FlPGN04PLbu3zSLhD2DvF5T1MAIXm/jDqYzsw5Z9h8aJ8EW
arvOPVhbzcILUcLuV74w
=Uzos
-----END PGP SIGNATURE-----
--- End Message ---
