[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted turba2 2.0.2-1sarge1 (source all)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Thu, 21 Feb 2008 02:17:37 +0100
Source: turba2
Binary: turba2
Architecture: source all
Version: 2.0.2-1sarge1
Distribution: oldstable-security
Urgency: high
Maintainer: Ola Lundqvist <opal@debian.org>
Changed-By: Gregory Colpart (evolix) <reg@evolix.fr>
Description: 
 turba2     - contact management component for horde framework
Closes: 464058
Changes: 
 turba2 (2.0.2-1sarge1) oldstable-security; urgency=high
 .
   * Fix unchecked access to contacts in the same SQL table, if the unique key
     of another user's contact can be guessed. See CVE-2008-0807 for more
     informations. (Closes: #464058)
   * Fix privilege escalation in Horde API.
   * Close several XSS vulnerabilities with address book and contact data.
Files: 
 78ef803c5a5c3c0564ddd8b23a96da4d 626 web optional turba2_2.0.2-1sarge1.dsc
 43381a9620d08ad17758fc533e865db3 1221378 web optional turba2_2.0.2.orig.tar.gz
 8ccfd8d4f1886141a916d706217d8a73 8049 web optional turba2_2.0.2-1sarge1.diff.gz
 ee4a5791cb7b942305f9095b9b3ae697 1282950 web optional turba2_2.0.2-1sarge1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHvd+9wM/Gs81MDZ0RAqHaAKC7uu/8TNn6rBQDFeccDMhHAsjFZACggpZE
GxcN9VEj5Cuf6oRyGAjg6JE=
=Wd+H
-----END PGP SIGNATURE-----


Accepted:
turba2_2.0.2-1sarge1.diff.gz
  to pool/main/t/turba2/turba2_2.0.2-1sarge1.diff.gz
turba2_2.0.2-1sarge1.dsc
  to pool/main/t/turba2/turba2_2.0.2-1sarge1.dsc
turba2_2.0.2-1sarge1_all.deb
  to pool/main/t/turba2/turba2_2.0.2-1sarge1_all.deb


Reply to: