Your message dated Wed, 26 Mar 2014 21:50:17 +0000 with message-id <[email protected]> and subject line Bug#742456: fixed in spip 2.1.1-3squeeze9 has caused the Debian Bug report #742456, regarding Log sanitizing and SQL injection to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 742456: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742456 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: spip Version: 2.1.17-1+deb7u3 Severity: important Tags: security upstream Control: fixed -1 3.1~21281-1 Control: fixed -1 3.0.16-1 Control: found -1 2.1.1-3squeeze8 Hi, The latest upstream update [1] fixes two security issues: - an SQL injection, already blocked by the security screen; - a lack of sanitizing visible in log files. I’ve already prepared the Wheezy [2] and Squeeze updates, and open this bug report in order to follow up with the security team and the release team to get these a priori minor issues fixed in the next (old)stable update. 1: http://contrib.spip.net/Alerte-SPIP-2-0-25-SPIP-2-1-26-SPIP-3-0-16-sont-gavees 2: http://people.debian.org/~taffit/spip/ Regards David
signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---Source: spip Source-Version: 2.1.1-3squeeze9 We believe that the bug you reported is fixed in the latest version of spip, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. David Prévot <[email protected]> (supplier of updated spip package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 25 Mar 2014 17:17:03 -0400 Source: spip Binary: spip Architecture: source all Version: 2.1.1-3squeeze9 Distribution: squeeze Urgency: medium Maintainer: SPIP packaging team <[email protected]> Changed-By: David Prévot <[email protected]> Description: spip - website engine for publishing Closes: 742456 Changes: spip (2.1.1-3squeeze9) squeeze; urgency=medium . * Fix missing escape * Fix missing escape in SQL * Update security screen to 1.1.9 (Closes: #742456) Checksums-Sha1: 04a98952a8e37c7cae9d3c5f8ac33627681c36d8 1407 spip_2.1.1-3squeeze9.dsc d3809f6b981a7bc6b3c7cc0f25a73ac920bccee7 28136 spip_2.1.1-3squeeze9.diff.gz 9ce33667c1c63d227d232efdd63cff745a8411a4 3870230 spip_2.1.1-3squeeze9_all.deb Checksums-Sha256: 67ded4bfc902642eeb90e49bc2df01e9f4a5cc472bcdc9098c79d3972c5322e7 1407 spip_2.1.1-3squeeze9.dsc dd36469eea00eacf848f833d36750efb22111e9436cea4c9bb3c0100d890f54b 28136 spip_2.1.1-3squeeze9.diff.gz 1f3c646726bf2c2a4bfb25b2f81893c731dc3ae4ccf794e77aab33572d8fad79 3870230 spip_2.1.1-3squeeze9_all.deb Files: e5240ca871e87dc32d0522c2a7f8f829 1407 web extra spip_2.1.1-3squeeze9.dsc 223e304bd0f434154042a981f3c5284f 28136 web extra spip_2.1.1-3squeeze9.diff.gz 0b63abea17147966a3ca8a3cd183a16d 3870230 web extra spip_2.1.1-3squeeze9_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBCAAGBQJTMfPcAAoJEAWMHPlE9r08Gy4IAKlByKavkHnC5WgDVI8XshjM PJ0IQmDfRkDR3fqO9J4u91pR6VNqBQaiFMeNXIIPg4qp8zuWlL2oz418NiF13Qbs Qg9YMmGHKJ4+B8kzP0CSQEytGfCLrLaQDgPuiWePRSnoehGs8e1SMa8AntF6vGhK HaL8Lghr2cC0lPr6h++30/VmDw0cd2g/gHNWDWmDrbAWnrQqmbSaLhvY+XYfbil8 ix2XfDYKQYpnG+aiRl2h6+kuIQseICemwq0urakZdIuq5Khx3rclKJnt6aBVfyK2 MpMXhmoMhQFPsU9g4kDkv8CEwzoOd8DLF8BNed5cO4h2wzQB4SoUTUq8SfBLIGc= =DqVq -----END PGP SIGNATURE-----
--- End Message ---
