[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted bonsai 1.3+cvs20020224-1woody1 (i386 source)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon, 17 Mar 2003 20:12:07 +0100
Source: bonsai
Binary: bonsai
Architecture: source i386
Version: 1.3+cvs20020224-1woody1
Distribution: unstable
Urgency: low
Maintainer: Rémi Perrot <rperrot@debian.org>
Changed-By: Rémi Perrot <rperrot@debian.org>
Description: 
 bonsai     - The famous Mozilla CVS query tool by web interface
Changes: 
 bonsai (1.3+cvs20020224-1woody1) unstable; urgency=low
 .
   * Fix security bug that allow remote execution of command as www-data user
     (see #142317 upstream bug).
   * Fix security bug that cause absolute path disclosure (see #187230 upstream
     bug).
   * Fix security bug that makes Bonsai vulnerable to cross-site scripting
     attacks (see #146244 and #163573 upstream bug).
   * Access to parameters page isn't any more allowed without password (see
     #45579 upstream bug)
Files: 
 18c1aef51bd3415f3a41fb2f231c2b8d 727 web extra bonsai_1.3+cvs20020224-1woody1.dsc
 3181f4965555a31773a75c4e41dfb32c 53131 web extra bonsai_1.3+cvs20020224-1woody1.diff.gz
 978aa8e6677174a2fed40cbac1525888 154104 web extra bonsai_1.3+cvs20020224-1woody1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Pour information voir http://www.gnupg.org

iD8DBQE+djhgRo2b307WK/4RAqz6AJ4jbvYM5ktWvN7nd8OVoInhNCElSQCeKhPF
IYyl7kBuv9Y/IRpz2uit9aI=
=8ksl
-----END PGP SIGNATURE-----


Accepted:
bonsai_1.3+cvs20020224-1woody1.diff.gz
  to pool/main/b/bonsai/bonsai_1.3+cvs20020224-1woody1.diff.gz
bonsai_1.3+cvs20020224-1woody1.dsc
  to pool/main/b/bonsai/bonsai_1.3+cvs20020224-1woody1.dsc
bonsai_1.3+cvs20020224-1woody1_i386.deb
  to pool/main/b/bonsai/bonsai_1.3+cvs20020224-1woody1_i386.deb
Reply to: