Re: Accepted squirrelmail 2:1.4.23~svn20120406-2+deb7u2 (source all) into oldoldstable

To: Antoine Beaupré <anarcat@orangeseeds.org>, debian-lts@lists.debian.org, Thijs Kinkhorst <thijs@debian.org>
Subject: Re: Accepted squirrelmail 2:1.4.23~svn20120406-2+deb7u2 (source all) into oldoldstable
From: Emilio Pozuelo Monfort <pochu@debian.org>
Date: Sun, 15 Apr 2018 09:52:06 +0200
Message-id: <[🔎] af6b8a8a-743d-421d-0482-438b92fce4fc@debian.org>
In-reply-to: <[🔎] 87po3533jp.fsf@curie.anarc.at>
References: <E1f6KPK-0001II-9D@seger.debian.org> <[🔎] 87po3533jp.fsf@curie.anarc.at>

Thijs, adding you to Cc in case you didn't see this. If you can't send the DLA
say so and somebody will take care of it.

Thanks,
Emilio

On 11/04/18 22:12, Antoine Beaupré wrote:
> Did you forget to issue a DLA for this one? I see the package is not
> claimed in dla-needed.txt either...
> 
> a.
> 
> On 2018-04-11 18:23:46, Thijs Kinkhorst wrote:
> Format: 1.8
> Date: Wed, 11 Apr 2018 13:24:23 +0200
> Source: squirrelmail
> Binary: squirrelmail
> Architecture: source all
> Version: 2:1.4.23~svn20120406-2+deb7u2
> Distribution: wheezy-security
> Urgency: high
> Maintainer: Jeroen van Wolffelaar <jeroen@wolffelaar.nl>
> Changed-By: Thijs Kinkhorst <thijs@debian.org>
> Description: 
>  squirrelmail - Webmail for nuts
> Closes: 893202
> Changes: 
>  squirrelmail (2:1.4.23~svn20120406-2+deb7u2) wheezy-security; urgency=high
>  .
>    * Path traversal vulnerability (CVE-2018-8741)
>      Directory traversal flaw in Deliver.class.php can allow a remote
>      attacker to retrieve or delete arbitrary files. (Closes: #893202)
> Checksums-Sha1: 
>  f922ec47972a3a6281374af9f2f2c007ac1b815b 1673 squirrelmail_1.4.23~svn20120406-2+deb7u2.dsc
>  2b406c312e8650c092c6fdb3aaa770da3fe44e7b 40065 squirrelmail_1.4.23~svn20120406-2+deb7u2.debian.tar.gz
>  4255b987b44dd1088fd1a0d444d928aaae2415be 644190 squirrelmail_1.4.23~svn20120406-2+deb7u2_all.deb
> Checksums-Sha256: 
>  8400ba54f905e8e6d58682362a4948865b68436d2c6e362d0709981ccf4752a6 1673 squirrelmail_1.4.23~svn20120406-2+deb7u2.dsc
>  8d6983edbbc566654e74d541c7d99e028ea9abab18babada166c0e2a026e18f8 40065 squirrelmail_1.4.23~svn20120406-2+deb7u2.debian.tar.gz
>  c68ade218517d455b2d6a5df9521de39fe646268eda09749fedcab93547326f4 644190 squirrelmail_1.4.23~svn20120406-2+deb7u2_all.deb
> Files: 
>  e1154fe67bb006221eab16ae82ac201b 1673 web optional squirrelmail_1.4.23~svn20120406-2+deb7u2.dsc
>  d39330150cebf157e28e24a6bb6ea4ab 40065 web optional squirrelmail_1.4.23~svn20120406-2+deb7u2.debian.tar.gz
>  7000baeefe4ac237ff1d7772eade3295 644190 web optional squirrelmail_1.4.23~svn20120406-2+deb7u2_all.deb
> 
>

Reply to:

References:
- Re: Accepted squirrelmail 2:1.4.23~svn20120406-2+deb7u2 (source all) into oldoldstable
  - From: Antoine Beaupré <anarcat@orangeseeds.org>

Prev by Date: Re: Better communication about spectre/meltdown
Next by Date: Re: Better communication about spectre/meltdown
Previous by thread: Re: Accepted squirrelmail 2:1.4.23~svn20120406-2+deb7u2 (source all) into oldoldstable
Next by thread: Re: tiff updates
Index(es):
- Date
- Thread