Accepted webcalendar 1.0.5-2 (source all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Tue, 17 Apr 2007 14:22:26 -0400
Source: webcalendar
Binary: webcalendar
Architecture: source all
Version: 1.0.5-2
Distribution: unstable
Urgency: low
Maintainer: Elizabeth Bevilacqua <lyz@princessleia.com>
Changed-By: Elizabeth Bevilacqua <lyz@princessleia.com>
Description:
webcalendar - PHP-Based multi-user calendar
Closes: 373907 396217 404234
Changes:
webcalendar (1.0.5-2) unstable; urgency=low
.
[ Rafael Laboissiere ]
* New dpatches:
+ 05_translations-french-utf8: This patch adds file
translations/French-UTF8.txt, which is mysteriously missing from the
upstream tarball. French-UTF8 is a valid language choice, but
choosing it via the preferences page makes WebCalendar fail
miserably. This file is present in the 1.1.2 upstream tarball, so
this patch will be eventually removed.
+ 06_send-reminder-paths: Set correctly the paths to the include and
translation files (closes: #373907)
+ 07_SA23341-xss-vulnerability: Fixes cross-site scripting (XSS)
vulnerability in export_handler.php that allows remote attackers to
inject arbitrary web script or HTML via the format parameter (see
http://secunia.com/advisories/23341). The CVE id is CVE-2006-6669.
Thanks to Thijs Kinkhorst for the patch (closes: #404234).
* Changed dpatch:
+ 01_config_patch: In files user-app-postnuke.php, user-ldap.php,
user-nis.php, and user.php, insure that the variables
$user_can_update_password, $admin_can_add_user, and
$admin_can_delete_user are really boolean. Thanks to Barry
Cornelius for the heads up (closes: #396217).
.
* debian/rules: Added patch target, such that dpatch-convert-diffgz works
.
* debian/webcalendar.postinst: Remove the commas in the answer for the
multiselect question webcalendar/conf/httpd_conf
* debian/webcalendar.templates:
+ Added apache-perl to the choice of web servers
+ Added question for restarting the web server at postinst time (the
debconf question and associated config code were shamelessly stolen
from the gallery2 package).
* debian/webcalendar.config: Ask the user which web servers should be
restarted
* debian/webcalendar.postint: Renamed the linkapache function to
apache_init and added code for restarting the web server
.
[ Elizabeth Bevilacqua ]
* edited order of dependencies
Files:
84b0af9a9c7f86e1fc76fe931c214088 836 web optional webcalendar_1.0.5-2.dsc
f3016cf48020362671604103f63b8c9d 39511 web optional webcalendar_1.0.5-2.diff.gz
dbcd9d0e12e0d8faec07c526c4914e33 734048 web optional webcalendar_1.0.5-2_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGJSACk3oga0pdcv4RAqIiAJ4gg7roiVBDdtIg2aEoj0SE0ptoGACffwzV
e13Fs649DVwcOBwqDn6nzxw=
=q1qi
-----END PGP SIGNATURE-----
Accepted:
webcalendar_1.0.5-2.diff.gz
to pool/main/w/webcalendar/webcalendar_1.0.5-2.diff.gz
webcalendar_1.0.5-2.dsc
to pool/main/w/webcalendar/webcalendar_1.0.5-2.dsc
webcalendar_1.0.5-2_all.deb
to pool/main/w/webcalendar/webcalendar_1.0.5-2_all.deb
Reply to: