Accepted fex 20121107-1 (source all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Wed, 07 Nov 2012 13:55:06 +0100
Source: fex
Binary: fex fex-utils
Architecture: source all
Version: 20121107-1
Distribution: unstable
Urgency: high
Maintainer: Kilian Krause <kilian@debian.org>
Changed-By: Kilian Krause <kilian@debian.org>
Description:
fex - web service for transferring very large files
fex-utils - web service for transferring very large files (utils)
Changes:
fex (20121107-1) unstable; urgency=high
.
* New upstream release: 20121107
- SECURITY BUGFIX:
A restricted user could upload a file to a non-existent recipient in an
allowed domain and afterwards redirect this file to another recipient in a
forbidden domain ==> sender can bypass domain restrictions.
.
If you do not have restricted users you are not affected by this bug
(subusers do not count as restricted users).
.
- fac: the admin can restrict up or download for certain users to certain
IP addresses.
Checksums-Sha1:
f60a028de85e98ec19b7c507113e33c8df2f1d37 1211 fex_20121107-1.dsc
c6cffcb4f2add1783af57c1cd6f0a2960f42106f 317486 fex_20121107.orig.tar.gz
70d3647536c5b806ec32247caa46e1c1f2cefd30 23037 fex_20121107-1.debian.tar.gz
9117ef9917f37c604f2412fcd63d04888c811fd2 539620 fex_20121107-1_all.deb
774d6d65958ad6268362cb60d7cd46fd2982bbeb 56914 fex-utils_20121107-1_all.deb
Checksums-Sha256:
ae3d0ecaa992058f589eb10a6be3aaf52efef33943265ce0be7b5ea8ee26ce98 1211 fex_20121107-1.dsc
2a80c655f7c34bbe3f9869ec244d4587fcc1b28ba8601957114f5202132160f2 317486 fex_20121107.orig.tar.gz
5c56c1185e3c3aa5ab76bdcd0fae10ecf688f9314a99ce75a2a6d8a46d081dbd 23037 fex_20121107-1.debian.tar.gz
ec5689b28223ccb6f574da3d614d1e3d4f20832d220f15b52526428fd9e64b95 539620 fex_20121107-1_all.deb
3699ec4dbf91f4ed1fc8049b81e7e800f4a477fcdcbaa7c2833afd2f9bfdc7c4 56914 fex-utils_20121107-1_all.deb
Files:
a34276feea1dbd73e568b1f8ef1fc2c9 1211 non-free/web optional fex_20121107-1.dsc
64027444859f8854049178d3979b92df 317486 non-free/web optional fex_20121107.orig.tar.gz
b89eed86b1430151cd81a11ce48737e9 23037 non-free/web optional fex_20121107-1.debian.tar.gz
8eb2747b63b2228d11c4e506e10b73d8 539620 non-free/web optional fex_20121107-1_all.deb
e028a8fc62b10bb63c83d715b3f9ad27 56914 non-free/web optional fex-utils_20121107-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFQmlqPvdkzt4X+wX8RAjBtAJ40WxAdRQltn6pQQmW2ERy1sR/JPQCeJ//x
TjJ49ywsCroVMtae5cZ489o=
=48we
-----END PGP SIGNATURE-----
Reply to: