Accepted turba2 2.1.3-1etch1 (source all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Thu, 21 Feb 2008 02:17:51 +0100
Source: turba2
Binary: turba2
Architecture: source all
Version: 2.1.3-1etch1
Distribution: stable-security
Urgency: high
Maintainer: Horde Maintainers <pkg-horde-hackers@lists.alioth.debian.org>
Changed-By: Gregory Colpart (evolix) <reg@evolix.fr>
Description:
turba2 - contact management component for horde framework
Closes: 464058
Changes:
turba2 (2.1.3-1etch1) stable-security; urgency=high
.
* Fix unchecked access to contacts in the same SQL table, if the unique key
of another user's contact can be guessed. See CVE-2008-0807 for more
informations. (Closes: #464058)
* Fix privilege escalation in the Horde API.
Files:
0aa309ef908c6ab95b62fa6fbb97d7c5 722 web optional turba2_2.1.3-1etch1.dsc
a0407717f3f64fb33f6a57e2244a12b4 1790717 web optional turba2_2.1.3.orig.tar.gz
fcef7709711274ebf26b99e3032f4e7e 7434 web optional turba2_2.1.3-1etch1.diff.gz
0fb704f257a5d583196e10de104289f0 1860044 web optional turba2_2.1.3-1etch1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHveA2wM/Gs81MDZ0RAix7AKCzys545lPRKunQOBRxfpwhexu57gCgo2JA
zzSijNzt4cddZ5aEeOzhFv4=
=8IVv
-----END PGP SIGNATURE-----
Accepted:
turba2_2.1.3-1etch1.diff.gz
to pool/main/t/turba2/turba2_2.1.3-1etch1.diff.gz
turba2_2.1.3-1etch1.dsc
to pool/main/t/turba2/turba2_2.1.3-1etch1.dsc
turba2_2.1.3-1etch1_all.deb
to pool/main/t/turba2/turba2_2.1.3-1etch1_all.deb
Reply to: