
Accepted acidbase 1.2.5-1 (source all)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon, 12 Jun 2006 21:20:37 +0200
Source: acidbase
Binary: acidbase
Architecture: source all
Version: 1.2.5-1
Distribution: unstable
Urgency: high
Maintainer: David Gil <dgil@telefonica.net>
Changed-By: David Gil <dgil@telefonica.net>
Description: 
 acidbase   - Basic Analysis and Security Engine
Closes: 363548 370576
Changes: 
 acidbase (1.2.5-1) unstable; urgency=high
 .
   * New upstream release, which includes the following security improvements:
      + Added XSSPrintSafe() (array safe htmlspecialchars() function) and made
        filterSql() use ADOdb qmagic()
      + Filtered all unfiltered (mainly auth system stuff) $_POST and $_GET
        variables using filterSql()
      + Sanitized all $_SERVER variables to be protected against XSS attacks
     These improvements fix the following security bugs:
      + Cross-site scripting (XSS) vulnerability (CVE-2006-1590)
        (Closes: #363548).
      + Remote File Inclusion Vulnerabilities (CVE-2006-2685)
        (Closes: #370576).
 .
   * debian/patches/02_update_external_links.dpatch : updated.
 .
   * Applied part of the patch from Paul Wise <pabs3@bonedaddy.net>:
     + Remove short description from long description
     + Update copyright file with more information
 .
   * Bump Standards-Version to 3.7.2 (no policy-related changes needed).
 .
   * Fix an annoying dbconfig-common error: Add dbc_dbtypes variable in
     maintainer scripts, not only in config file.
     This is related to bug #372948 (dbconfig-common: can not determine the
     database type).
 .
   * Remove ucf file under /etc/acidbase on package purge.
Files: 
 1627500fb735f4ce19a137031d59c0c3 683 web optional acidbase_1.2.5-1.dsc
 cd6a83df67106ebf9a148d5ac1ec9b8c 335819 web optional acidbase_1.2.5.orig.tar.gz
 3cc7ab0405eaf4e2539f64a175af64f6 14891 web optional acidbase_1.2.5-1.diff.gz
 15ce906b026e9bb7d89a4c9dd600e28d 346322 web optional acidbase_1.2.5-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFEjvmKsandgtyBSwkRAhSVAJ46v7d4R2rcEEMNf+YoI26PdkVpDACfdtKL
d9OHPfMIsMKT1oNU4OeTlf4=
=YUKe
-----END PGP SIGNATURE-----


Accepted:
acidbase_1.2.5-1.diff.gz
  to pool/main/a/acidbase/acidbase_1.2.5-1.diff.gz
acidbase_1.2.5-1.dsc
  to pool/main/a/acidbase/acidbase_1.2.5-1.dsc
acidbase_1.2.5-1_all.deb
  to pool/main/a/acidbase/acidbase_1.2.5-1_all.deb
acidbase_1.2.5.orig.tar.gz
  to pool/main/a/acidbase/acidbase_1.2.5.orig.tar.gz


