Accepted mantis 0.19.2-5sarge1 (source all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Wed, 4 Jan 2006 17:45:00 +0100
Source: mantis
Binary: mantis
Architecture: source all
Version: 0.19.2-5sarge1
Distribution: stable-security
Urgency: high
Maintainer: Hilko Bengen <bengen@debian.org>
Changed-By: Igor Genibel <igenibel@debian.org>
Description:
mantis - web-based bug tracking system
Changes:
mantis (0.19.2-5sarge1) stable-security; urgency=high
.
* Maintainer upload for the security team (Related: #345288)
- Fixes CVE-2005-4524:
Notes on private bugs may be leaked.
- Fixes CVE-2005-4523:
Private bugs may be leaked through RSS feeds.
- Fixes CVE-2005-4522:
XSS in view_filters_page.php.
- Fixes CVE-2005-4521:
Two CRLF injection vulnerabilities.
- Fixes CVE-2005-4520:
Unspecified "port injection".
- Fixes CVE-2005-4519:
Multiple SQL injection vulnerabilities.
- Fixes CVE-2005-4518:
Bypass of file upload restrictions.
- Fixes CVE-2005-4238:
XSS in view_filters_page.php.
.
Applied the changes between 0.19.3 (that were already applied) and
0.19.4. Note that since 0.19.3 (included) new version are only security
fixes.
Files:
84bfa6cce4f41aebd7f7bdd810048504 580 web optional mantis_0.19.2-5sarge1.dsc
0c827e6e04027c31080de40d53930689 39448 web optional mantis_0.19.2-5sarge1.diff.gz
a5d28b04680faf1abbda95cc18b28bac 897448 web optional mantis_0.19.2-5sarge1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDvAjD+xgdMBZI9sgRAjJ/AJ994Z+TEGyUQ8w5CHkALBVIs9a3rACcCx5y
DJb1TLAC/orH8kXGjBDTIYw=
=LiXV
-----END PGP SIGNATURE-----
Accepted:
mantis_0.19.2-5sarge1.diff.gz
to pool/main/m/mantis/mantis_0.19.2-5sarge1.diff.gz
mantis_0.19.2-5sarge1.dsc
to pool/main/m/mantis/mantis_0.19.2-5sarge1.dsc
mantis_0.19.2-5sarge1_all.deb
to pool/main/m/mantis/mantis_0.19.2-5sarge1_all.deb
Reply to: