Bug#610016: spip: critical security issue fixed in 2.1.8
user release.debian@packages.debian.org tag 610016 + squeeze-ignore usertag 610016 + squeeze-can-defer thanks On Fri, 2011-01-14 at 15:28 -0600, Romain Beauxis wrote: A security release of SPIP has just been announced: http://www.spip-contrib.net/SPIP-2-1-8-corrige-une-importante-faille-de-securite (french) Not much information is available about the exact issue and the changelog is not helpful either. I have not time at the moment to prepare a fixed package. Any contributor is warmly welcome to NMU the package with no delay. Can be fixed via stable-security after release if required; marking as not a blocker for Squeeze. Regards, Adam -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Processed: Re: Bug#610016: spip: critical security issue fixed in 2.1.8
Processing commands for cont...@bugs.debian.org: user release.debian@packages.debian.org Setting user to release.debian@packages.debian.org (was a...@adam-barratt.org.uk). tag 610016 + squeeze-ignore Bug #610016 [spip] spip: critical security issue fixed in 2.1.8 Added tag(s) squeeze-ignore. usertag 610016 + squeeze-can-defer Bug#610016: spip: critical security issue fixed in 2.1.8 There were no usertags set. Usertags are now: squeeze-can-defer. thanks Stopping processing here. Please contact me if you need assistance. -- 610016: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610016 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#610016: spip: critical security issue fixed in 2.1.8
Package: spip Version: 2.1.1-2 Severity: grave A security release of SPIP has just been announced: http://www.spip-contrib.net/SPIP-2-1-8-corrige-une-importante-faille-de-securite (french) Not much information is available about the exact issue and the changelog is not helpful either. I have not time at the moment to prepare a fixed package. Any contributor is warmly welcome to NMU the package with no delay. In the mean time, users can download and install a security fix called security screen from there: http://zone.spip.org/trac/spip-zone/browser/_core_/securite/ecran_securite.php?format=txt and documented there: http://www.spip.net/en_article4200.html Romain -- System Information: Debian Release: 6.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-4-amd64 (SMP w/2 CPU cores) Locale: LANG=fr_FR.UTF8, LC_CTYPE=fr_FR.UTF8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages spip depends on: pn apache2 | httpd none (no description available) ii debconf [debconf-2.0] 1.5.37 Debian configuration management sy ii libjs-jquery 1.4.2-2JavaScript library for dynamic web ii php-html-safe 0.10.0-1 strip down all potentially dangero ii php5 5.3.3-7server-side, HTML-embedded scripti ii php5-mysql5.3.3-7MySQL module for php5 Versions of packages spip recommends: ii imagemagick 8:6.6.0.4-3image manipulation programs ii mysql-server 5.1.49-3 MySQL database server (metapackage ii mysql-server-5.1 [mysql-s 5.1.49-3 MySQL database server binaries and ii netpbm2:10.0-12.2+b1 Graphics conversion tools between spip suggests no packages. -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org