On Sun, 2012-12-30 at 17:04 +0000, Steve McIntyre wrote: > On Sun, Dec 30, 2012 at 08:04:23AM +0100, Salvatore Bonaccorso wrote: > >> +moin (1.9.4-8+deb7u1) testing-proposed-updates; urgency=high [...] > >> + + fix remote code execution vulnerability in twikidraw/anywikidraw > >> + actions (CVE-2012-XXXX). > >> + + fix path traversal vulnerability in AttachFile action > >> + (CVE-2012-XXXX). [...] > >In meantime CVE's where assigned to moin for these issues. If not yet > >uploaded to t-p-u could you include these? They are CVE-2012-6080 > >(path traversal vulnerability) and CVE-2012-6081 (remote code > >execution vulnerability). [...] > It's already uploaded, but I'll update the changelog in git so that > it'll be updated for future uploads.
fwiw: Dec 30 02:26:03 processing /moin_1.9.4-8+deb7u1_amd64.changes Dec 30 02:26:03 GnuPG signature check failed on moin_1.9.4-8+deb7u1_amd64.changes Dec 30 02:26:03 /moin_1.9.4-8+deb7u1_amd64.changes has bad PGP/GnuPG signature! Dec 30 02:26:03 Removing /moin_1.9.4-8+deb7u1_amd64.changes, but keeping its associated files for now. The rest of the files are indeed still in the upload queue, so uploading a fixed .changes should work. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1356889415.4281.48.ca...@jacala.jungle.funky-badger.org
