Accepted lurker 2.1-2 (source i386)

To: debian-devel-changes@lists.debian.org
Subject: Accepted lurker 2.1-2 (source i386)
From: Jonas Meurer <mejo@debian.org>
Date: Tue, 14 Mar 2006 05:02:09 -0800
Message-id: <[🔎] E1FJ9A9-00027t-GA@spohr.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 14 Mar 2006 13:26:58 +0100
Source: lurker
Binary: lurker
Architecture: source i386
Version: 2.1-2
Distribution: unstable
Urgency: low
Maintainer: Jonas Meurer <mejo@debian.org>
Changed-By: Jonas Meurer <mejo@debian.org>
Description: 
 lurker     - Archive tool for mailing lists with search engine
Changes: 
 lurker (2.1-2) unstable; urgency=low
 .
   * release 2.1-1 fixed the following security issues:
     - Since the configuration file needs to be specified in the URL and
       lines not understood are exposed in an error message lurker was
       able to display all files that are readable for the www-data user
       and group. (CVE-2006-1062)
     - It is possible for a remote attacker to create or overwrite files
       in any writable directory that is named "mbox". (CVE-2006-1063)
     - Missing input sanitising allows an attacker to inject arbitrary
       web script or HTML. (CVE-2006-1064)
   * rename luker-index-mm to lurker-index-lc. drop support for automatical
     list configuration for new lists. update documentation accordingly.
   * completely rewrite mailman2lurker.pl, rename it to mailman2lurker.
     install mailman2lurker into /usr/bin, provide a manpage.
   * add a note about the delete button in README.Debian.
   * add patches/01_umask.dpatch, which adds the possibility to configure the
     umask for lurker-index and lurker-search in lurker.conf. it fixes also the
     documentation to not suggest to invoke lurker-index via 'sg' any more.
Files: 
 039d62b9573481cca7c67f78671de028 592 mail optional lurker_2.1-2.dsc
 675f26fb019068e116863936c58d73b4 29698 mail optional lurker_2.1-2.diff.gz
 8d51916dad772202fcf76f2c7b3fba36 522442 mail optional lurker_2.1-2_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFEFrfrd6lUs+JfIQIRApugAJsEDcqOsjt8ivSAQjZMOiJkk9VBLgCgoqFG
MMzthHNSLz5yfMaPMTs7S9E=
=y0Ts
-----END PGP SIGNATURE-----


Accepted:
lurker_2.1-2.diff.gz
  to pool/main/l/lurker/lurker_2.1-2.diff.gz
lurker_2.1-2.dsc
  to pool/main/l/lurker/lurker_2.1-2.dsc
lurker_2.1-2_i386.deb
  to pool/main/l/lurker/lurker_2.1-2_i386.deb

Reply to:

Prev by Date: Accepted zeroc-ice-python 3.0.0-2 (source i386)
Next by Date: Accepted libflash 0.4.13-6 (source i386)
Previous by thread: Accepted zeroc-ice-python 3.0.0-2 (source i386)
Next by thread: Accepted libflash 0.4.13-6 (source i386)
Index(es):
- Date
- Thread