Accepted graphite-web 1.1.8-1.1~bpo11+1 (source all) into bullseye-backports
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 22 Feb 2023 11:10:27 +0100
Source: graphite-web
Binary: graphite-web
Architecture: source all
Version: 1.1.8-1.1~bpo11+1
Distribution: bullseye-backports
Urgency: high
Maintainer: Debian Graphite Group <team+debian-graphite-team@tracker.debian.org>
Changed-By: Christoph Martin <martin@uni-mainz.de>
Description:
graphite-web - Enterprise Scalable Realtime Graphing
Closes: 936651 940554 962623 1026992
Changes:
graphite-web (1.1.8-1.1~bpo11+1) bullseye-backports; urgency=medium
.
* Backports rebuild
.
graphite-web (1.1.8-1.1) unstable; urgency=medium
.
* NMU
* CVE-2022-4728, CVE-2022-4729 & CVE-2022-4730: Prevent a series of
cross-site scripting (XSS) vulnerabilties that could have been exploited
remotely. Issues existed in the Cookie Handler, Template Name Handler and
Absolute Time Range Handler components. (Closes: #1026992)
.
graphite-web (1.1.8-1) unstable; urgency=medium
.
* New upstream release:
- Works with Python 3.9 (Closes: #962623).
* Refresh local_settings.patch.
* Rebase settings_debian.patch (taken from bug report).
* Drop CVE-2017-18638.patch applied upstream.
.
graphite-web (1.1.4-5) unstable; urgency=high
.
* Non-maintainer upload.
* Add patch to remove the 'send_email' function to avoid SSRF attack.
This was insecure, not used in the code, and was undocumented as well.
(Fixes: CVE-2017-18638)
.
graphite-web (1.1.4-4) unstable; urgency=medium
.
* Avoid hourly error in cron with no whisper db (Closes: #940554). Thanks to
Alexandre Rossi <niol@zincube.net> for the patch.
* Removed use of Python 2 (Closes: #936651). Thanks to Alexander again for
the patch.
Checksums-Sha1:
2c7fdc34b7e361c9da6747974bd1104e7f5c8b4b 2293 graphite-web_1.1.8-1.1~bpo11+1.dsc
562ccbe2466bcd150b3863e162b05d5537cd9de1 1177214 graphite-web_1.1.8.orig.tar.gz
9f8bc8b069aab6a3e213313654b7e28e2625091b 228180 graphite-web_1.1.8-1.1~bpo11+1.debian.tar.xz
8e4c60c8daae39ee0205b54c4da8e891b2cd6e10 956564 graphite-web_1.1.8-1.1~bpo11+1_all.deb
ff0041b4fc22e9f7697a4f4829f3ed95ca24d898 8032 graphite-web_1.1.8-1.1~bpo11+1_amd64.buildinfo
Checksums-Sha256:
125d13ca1787251568c1b7e388bc65321ae08c4bf3fba0a075e4563c23a9bd01 2293 graphite-web_1.1.8-1.1~bpo11+1.dsc
54240b0f1e069b53e2ce92d4e534e21b195fb0ebd64b6ad8a49c44284e3eb0b1 1177214 graphite-web_1.1.8.orig.tar.gz
57341e967a3839e6c09a57110637da06e44eeb2c3f4c5d4f38d66ec236c350e4 228180 graphite-web_1.1.8-1.1~bpo11+1.debian.tar.xz
9c1a78adeaa580a97d4deee256b4f747e92c4079f2efac32ca06f6f4766baafe 956564 graphite-web_1.1.8-1.1~bpo11+1_all.deb
c57037af22bc6534d8a116328116153008a3c2033c13387bf8d535708610ab83 8032 graphite-web_1.1.8-1.1~bpo11+1_amd64.buildinfo
Files:
d38e635840376d5090bcec52e83fbd78 2293 web extra graphite-web_1.1.8-1.1~bpo11+1.dsc
088cba7cf97062e101f6c1565fc4c050 1177214 web extra graphite-web_1.1.8.orig.tar.gz
613a21d1e4a0bb2120881647630b47c5 228180 web extra graphite-web_1.1.8-1.1~bpo11+1.debian.tar.xz
fcae7ff874da76a932a9060528f88a3e 956564 web extra graphite-web_1.1.8-1.1~bpo11+1_all.deb
b6010abce1bfbededc9a4c2b2bf29e4f 8032 web extra graphite-web_1.1.8-1.1~bpo11+1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEt1cFkfJ3DVbrq4cu7mlEXgxb5BcFAmP18YEACgkQ7mlEXgxb
5BdTxhAAtPQNLfABIF9iYeWbPs3uw+WbgQU/wdladTnOZJ51iFJAvo4Nz/0hD/UL
iooFhxQW8de1OxizFMxJIuxmeUurjNrgn4kq55I+QbAIMUcCkHb9+g+aokzOXCQv
7qm5udRdRDRFPeiXl+XVFfiu9pJbWxAN7uZygB+xBYqF8WEgNvXWvWQ9rI4fSNIu
Bq9rK7NGnS0c2+n6u+Xp+23cTLtMmWIYxEIFAmsxfUTA7KLEzbMo1QnfgDRNZi92
DGWjX2OOH7t0v2vU5byF9nbOK79+EUvDjhNqEPrxou/X2Cu4kCc1LJmaMHHlB0YQ
k7COivoi9OSApiIPzsLPnTuvrlatA9eRnqBLMGzTYhP6Yr7qOxDVNNTaJDgkwwh7
d/zPbahD7A/kpGAp7sDv+JdUyMuSpDrm37w2+zcrjJOA62hxOZYYjWhJXk4HVzYY
67ttcHc9rwSwyNi03rPAhat/IUQmp5GWTNkmlJJBboYqCfB/PPbPotXOTiNcIEsj
RfZTnuYKqF5yTLhupwkP4FgntioaQtzx7Kjor65boLL/8g0OYG1hNB6JMMpYlQCr
H7pMklzc4xHQUA0HtdpGG+qdzVrCDPV4aL94Vxm3q/wGWHuiIoKGoyZZVkKLObr/
a8I7Yhpk4dnwTQsv1xiaaEPjdgRbjzN5syr5wPFatFAzOGoehlU=
=6ZUU
-----END PGP SIGNATURE-----
Reply to: