Accepted phpbb2 2.0.21-6 (source all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 14 Jan 2007 17:35:23 +0100
Source: phpbb2
Binary: phpbb2-languages phpbb2-conf-mysql phpbb2
Architecture: source all
Version: 2.0.21-6
Distribution: unstable
Urgency: high
Maintainer: Jeroen van Wolffelaar <jeroen@wolffelaar.nl>
Changed-By: Thijs Kinkhorst <thijs@debian.org>
Description:
phpbb2 - A fully featured and skinnable flat (non-threaded) webforum
phpbb2-conf-mysql - Automatic configurator for phpbb2 on MySQL database
phpbb2-languages - phpBB2 additional languages
Closes: 402140 402140 404160
Changes:
phpbb2 (2.0.21-6) unstable; urgency=high
.
* Selected patches from upstream 2.0.22 for security issues:
* CVE-2006-6421: Cross-site scripting (XSS) vulnerability in the private
message box implementation (Closes: #402140).
* CVE-2006-6841: Cross Site Request Forgery was possible with some forms.
* CVE-2006-6840: Prevent negative start parameter. Exploitability unknown,
but flagged by upstream as a security fix and a harmless change.
* CVE-2006-6839: Improve check for bad redirection targets, exploitability
unkown, but flagged by upstream as a security fix and a harmless change.
(Closes: #402140)
.
* Added German debconf translation by Matthias Julius (Closes: #404160).
Files:
b94900b3f585ed3320c60df4b3492ea6 759 web optional phpbb2_2.0.21-6.dsc
349ba9624634152409ecc322763fab44 89517 web optional phpbb2_2.0.21-6.diff.gz
3333c8da978798bd14a2bf31dfa0e66b 548038 web optional phpbb2_2.0.21-6_all.deb
be19e3a1481354ad2f44abf426d57fe4 53854 web extra phpbb2-conf-mysql_2.0.21-6_all.deb
0a0cecc1becd98d759ee9aba16446c9f 2726338 web optional phpbb2-languages_2.0.21-6_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFFql9VJdKMxZV9WM8RAkIpAJ0a1VER+VN9npy8aA40PBW+8pvGaQCfXAZ7
pf0SxZk33VqLOV8EgHbLdDA=
=EGMU
-----END PGP SIGNATURE-----
Accepted:
phpbb2-conf-mysql_2.0.21-6_all.deb
to pool/main/p/phpbb2/phpbb2-conf-mysql_2.0.21-6_all.deb
phpbb2-languages_2.0.21-6_all.deb
to pool/main/p/phpbb2/phpbb2-languages_2.0.21-6_all.deb
phpbb2_2.0.21-6.diff.gz
to pool/main/p/phpbb2/phpbb2_2.0.21-6.diff.gz
phpbb2_2.0.21-6.dsc
to pool/main/p/phpbb2/phpbb2_2.0.21-6.dsc
phpbb2_2.0.21-6_all.deb
to pool/main/p/phpbb2/phpbb2_2.0.21-6_all.deb
Reply to: