[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted movabletype-opensource 5.1.4+dfsg-4+deb7u2 (source all) into proposed-updates->stable-new, proposed-updates



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 06 Mar 2015 10:56:52 +0100
Source: movabletype-opensource
Binary: movabletype-opensource movabletype-plugin-core movabletype-plugin-zemanta
Architecture: source all
Version: 5.1.4+dfsg-4+deb7u2
Distribution: wheezy-security
Urgency: high
Maintainer: Debian Movable Type and OpenMelody team <pkg-mt-om-devel@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Description: 
 movabletype-opensource - Well-known blogging engine
 movabletype-plugin-core - Core Movable Type plugins
 movabletype-plugin-zemanta - Zemanta Movable Type plugin
Closes: 712602 774192
Changes: 
 movabletype-opensource (5.1.4+dfsg-4+deb7u2) wheezy-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Add CVE-2014-9057.patch patch.
     CVE-2014-9057: SQL injection vulnerability in the XML-RPC interface.
     (Closes: #774192)
   * Add CVE-2015-1592.patch patch.
     CVE-2015-1592: The Perl Storable::thaw function is not properly used,
     allowing remote attackers to include and execute arbitrary local Perl
     files and possibly remotely execute arbitrary code.
   * Add CVE-2013-2184.patch patch.
     CVE-2013-2184: Unsafe use of Storable::thaw in the handling of comments
     to blog posts. (Closes: #712602)
Checksums-Sha1: 
 20d4e16c77e79d69504f7c8e63288498a6c248ef 2327 movabletype-opensource_5.1.4+dfsg-4+deb7u2.dsc
 7b7a022018a5a97a6eda2af8c480e6bbdfafdc67 40969 movabletype-opensource_5.1.4+dfsg-4+deb7u2.debian.tar.gz
 790733117b23c4152b394b1e000f52484f675a06 4117052 movabletype-opensource_5.1.4+dfsg-4+deb7u2_all.deb
 0877defaf8a32fe817482624aaddf31eae003bb0 170524 movabletype-plugin-core_5.1.4+dfsg-4+deb7u2_all.deb
 70590d268d6fc3ab644d6dcd478bd034359f8c2f 16728 movabletype-plugin-zemanta_5.1.4+dfsg-4+deb7u2_all.deb
Checksums-Sha256: 
 da5fbced85f5324ef3bcb45eb69589c30b6a2c1e8639c2286146062a5fb3dd08 2327 movabletype-opensource_5.1.4+dfsg-4+deb7u2.dsc
 a7c15e9ad68f7687bc4ea2a1b26fc9731e3a21a9a3d722935673cf71af591dc7 40969 movabletype-opensource_5.1.4+dfsg-4+deb7u2.debian.tar.gz
 af9f4ccd3553288245907aab500c57b4e7697d9d841085fd5954fb0233d5b148 4117052 movabletype-opensource_5.1.4+dfsg-4+deb7u2_all.deb
 5ab71123ce322b11a8cf78a8dc2e2719022abf265f5d048e427aae23a9c06393 170524 movabletype-plugin-core_5.1.4+dfsg-4+deb7u2_all.deb
 17cb69b87da8c886ab3838a2ffee87bcf316b50289e22d05db661787ba79d7c2 16728 movabletype-plugin-zemanta_5.1.4+dfsg-4+deb7u2_all.deb
Files: 
 ab66733c94cc8d8e929c26bf51150684 2327 web optional movabletype-opensource_5.1.4+dfsg-4+deb7u2.dsc
 cb943096d059f244f34773a47ada102d 40969 web optional movabletype-opensource_5.1.4+dfsg-4+deb7u2.debian.tar.gz
 24100dd1a007e25e566a38256936f697 4117052 web optional movabletype-opensource_5.1.4+dfsg-4+deb7u2_all.deb
 7174613894012ed0bee524cdcb4aa2c1 170524 web optional movabletype-plugin-core_5.1.4+dfsg-4+deb7u2_all.deb
 110306048da7047291a4aeb34aa5d93c 16728 web optional movabletype-plugin-zemanta_5.1.4+dfsg-4+deb7u2_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJVAaGsAAoJEAVMuPMTQ89EnNkQAJT5RXlQ4YvvDVcwm/8Cncfh
eOF+BToFMZpuCo61bmzrLnec/S2LSd6NvIjQT5FcUcFckR/iwPHK84KGKb0mwa/r
nPWuIjcaxgoijs2h0dC02Bx40mHIW8i2fFH7ytT7GJMBs7rO91z9UAdpwrKnw5xg
YEB7JnJSDOlr2eFYLU0Z4qgxAVGoI/n5AGXyZYNqwzARSNVKD5FBvR5SJM+huz9f
Aj+q6XS49LrQOEXok76OGhE6Q6YYIBNJnHQaChDsf0l6TAsfgaGyBlLleOIBIG1E
XtiitXwUjE2XuC6coKUH1IaXmupuUQUbCFnzm3WRgTTceFbcEFgegbEgk6usGPWD
sulyRDMblZhOC7mN9PRIsSJk0i6GvywWiBepS898Z+MyM/edEy0f//fjIIMd5CwL
v0doN7lBS+gQexHzfJN8PKzDEOt+Ga2DAgLeSQ9zgx2MwycxRhvE88UrkSdMMFEF
Gr0oEDentWXMHVRK82PDgycACaTBfxvlqTSjozqFZhR5lOMnyrVCdMMgTJaCzY8w
9IHwFKbk+fZUX+BQ4Tf2YlbC22ZxRUgTq+2YMizmX66HfmrBqf3abuwBUAn6eH6W
vQEg92M1ducEDaCZdYzTe2n41XWOynDNN9HZQG235A3xyWwqlrRIKcRA9bIvZlpn
ulv96bHNFI3TK+hYuivl
=UrVV
-----END PGP SIGNATURE-----


Reply to: