-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Thu, 22 Oct 2009 22:00:00 +0100 Source: typo3-src Binary: typo3 typo3-src-4.2 Architecture: source all Version: 4.2.5-1+lenny2 Distribution: stable-security Urgency: high Maintainer: Christian Welzel <gaw...@camlann.de> Changed-By: Christian Welzel <gaw...@camlann.de> Description: typo3 - Powerful content management framework (Meta package) typo3-src-4.2 - Powerful content management framework (Core) Closes: 552020 Changes: typo3-src (4.2.5-1+lenny2) stable-security; urgency=high . * Added patches (backported from 4.2.10) to fix the security issues from "TYPO3 Security Bulletin TYPO3-SA-2009-016: Multiple vulnerabilities in TYPO3 Core" with the following CVEs assigned: CVE-2009-3628 TYPO3 Information disclosure CVE-2009-3629 TYPO3 Cross-site scripting CVE-2009-3630 TYPO3 Frame hijacking CVE-2009-3631 TYPO3 Remote shell command execution CVE-2009-3632 TYPO3 SQL injection CVE-2009-3633 TYPO3 API function t3lib_div::quoteJSvalue XSS CVE-2009-3634 TYPO3 Frontend Login Box (felogin) XSS CVE-2009-3635 TYPO3 Insecure Authentication and Session Handling CVE-2009-3636 TYPO3 Install Tool XSS (Closes: 552020). Checksums-Sha1: d2fbebe02d85ae433581d5b05dd1a745cee0356c 1008 typo3-src_4.2.5-1+lenny2.dsc 7ea2716fefafee6fee0cd4a92b5f48b4c7173cd2 122866 typo3-src_4.2.5-1+lenny2.diff.gz 339c6ed5cfda1c1837a1eebecffd25628abc4d6b 133854 typo3_4.2.5-1+lenny2_all.deb 211fc4730071526e624af07d0109e556418af518 8201724 typo3-src-4.2_4.2.5-1+lenny2_all.deb Checksums-Sha256: f8c131e0d6387e837298ea2b3a8386b951322c6e1af5fd613b119c6de80c4b5a 1008 typo3-src_4.2.5-1+lenny2.dsc ea801f0e99198cdf98aa3f19cfc12dbde063d8d3e37cd0aef29e809fa3ff8f27 122866 typo3-src_4.2.5-1+lenny2.diff.gz 3bab375199e52583b57c94247839ff860e8ea88bedbdcb4c9f9a2b01363deec4 133854 typo3_4.2.5-1+lenny2_all.deb 5d46c84f27f9705e9304c9196e0b1e9cfddcdc9c3955e38e87840f2f0a2a8d73 8201724 typo3-src-4.2_4.2.5-1+lenny2_all.deb Files: 8980c630529cf34c44f491e4ee6e6e07 1008 web optional typo3-src_4.2.5-1+lenny2.dsc d4bce174f2ea2a94834cc0d250b51495 122866 web optional typo3-src_4.2.5-1+lenny2.diff.gz 04e43a0b661c56a307a06f282f304e43 133854 web optional typo3_4.2.5-1+lenny2_all.deb ea85991b8e26953d7ff43080458cc766 8201724 web optional typo3-src-4.2_4.2.5-1+lenny2_all.deb
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFK4w0jUHLQNqxYNSARAlysAJ9WbTDwavbKkVys0h9bLKGqPjwsugCeOOAs S3J5hUikDpCW/GTz19eH28E= =/4N8 -----END PGP SIGNATURE----- Accepted: typo3-src-4.2_4.2.5-1+lenny2_all.deb to main/t/typo3-src/typo3-src-4.2_4.2.5-1+lenny2_all.deb typo3-src_4.2.5-1+lenny2.diff.gz to main/t/typo3-src/typo3-src_4.2.5-1+lenny2.diff.gz typo3-src_4.2.5-1+lenny2.dsc to main/t/typo3-src/typo3-src_4.2.5-1+lenny2.dsc typo3_4.2.5-1+lenny2_all.deb to main/t/typo3-src/typo3_4.2.5-1+lenny2_all.deb -- To UNSUBSCRIBE, email to debian-changes-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org