Your message dated Fri, 23 Mar 2018 10:35:33 +0100 with message-id <20180323093526.yzwocq6e7r7mzt42@crans.org> and subject line Re: Bug#853189: tracker.debian.org: Encoding issue / Code injection through Maintainer field (and probably others) has caused the Debian Bug report #853189, regarding tracker.debian.org: Encoding issue / Code injection through Maintainer field (and probably others) to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 853189: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853189 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: tracker.debian.org: Ecnoding issue / Code injection through Maintainer field (and probably others)
- From: Dominik George <nik@naturalnet.de>
- Date: Mon, 30 Jan 2017 15:43:44 +0100
- Message-id: <148578742401.8158.7519569264622149962.reportbug@portux.lan.naturalnet.de>
Package: tracker.debian.org Severity: important -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 tracker.debian.org apparently has encoding issues, not of the “schei� encoding” kind, but it even seems to break the HTML completely and even introduces new elements into the DOM in some way… أحمد المحمودي (Ahmed El-Mahmoudy), e.g., in the Maintainer field of python-whoosh [1] triggers the issue in the “testing migrations” pane (but not in the Maintainer field itself…). Find attached a screenshot. [1]: https://tracker.debian.org/pkg/python-whoosh - -- System Information: Debian Release: 9.0 APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/lksh Init: systemd (via /run/systemd/system) -----BEGIN PGP SIGNATURE----- iQJ4BAEBCABiFiEEPJ1UpHV1wCb7F/0mt5o8FqDE8pYFAliPUR8xGmh0dHBzOi8v d3d3LmRvbWluaWstZ2VvcmdlLmRlL2dwZy1wb2xpY3kudHh0LmFzYxIcbmlrQG5h dHVyYWxuZXQuZGUACgkQt5o8FqDE8pbXnQ//dLuHx9qVVea1zQ7Ip4rSheQT1rkW wosOruh1o4lg0cbjfu0A4iomnZmza7eL4JkezlqnRfkYdQJemtOIORgI2Mv6T2pP yF/C40l0nKexsSpVoZeoy1/aAmUyCbPwl1F3loT9fq49UpgmZId5OhR//VQU/Wax DKxPgbc10Qx+R6rXkpnQ0vPATRmFvzWuh0lOTJDwxxqnzWFleO57YE4rBtZqUlRf QsUCjsg32C3ZFDgUpzWvaZbke93CrEGxCE6aWz08WYmUNr/iE/kXQVUDfSBAqz0/ i7MlDHibceVGBvlXbEvkQ2AnHOJHI9jxi5Bvw8UC527gPdZo3yQczLj/eSy0nQMC Rlh5pEnBD/av2BNhN0Xp1/Mqton4DOcw49QBWNQgNXsHXO69wIk+DFXjGL2Bii8N rF1jRaG2luuogtkl4W3wY7KZhyF7dbR7dqRcfVnK0kmccyA+7LbpqWjMiO+L8TqM jH9N5BfU62o5vsMKCIifN4K6siOVKm/6DeaFwMwv+hYFgYnr9W0iJpIfqedYGgho stUSHb7HUsdwrOLrwHZYKq3J1eQ7xQJ46lv+z0EJ1lT4KONKbMcnq6ATQ3FGVPE1 s6rnmuvF9qoUOP8oTS2eqbcs6fiPA42aNrANozQbLlfvoJ9v4FLhQAWUKmy9qaIW CagPj55DNvuLSL0= =zU9h -----END PGP SIGNATURE-----Attachment: Screenshot_20170130_154301.png
Description: PNG image
--- End Message ---
--- Begin Message ---
- To: Christophe Siraut <tobald@debian.org>, 853189-done@bugs.debian.org
- Cc: Niels Thykier <niels@thykier.net>, DominikGeorge <nik@naturalnet.de>
- Subject: Re: Bug#853189: tracker.debian.org: Encoding issue / Code injection through Maintainer field (and probably others)
- From: Pierre-Elliott Bécue <becue@crans.org>
- Date: Fri, 23 Mar 2018 10:35:33 +0100
- Message-id: <20180323093526.yzwocq6e7r7mzt42@crans.org>
- In-reply-to: <[🔎] 20180316173710.oubahybqwruiwvou@pad.tobald.eu.org>
- References: <[🔎] 20180314090456.onxqpw363ow5jg3v@crans.org> <148578742401.8158.7519569264622149962.reportbug@portux.lan.naturalnet.de> <[🔎] 20180316173710.oubahybqwruiwvou@pad.tobald.eu.org>
Le vendredi 16 mars 2018 à 18:37:10+0100, Christophe Siraut a écrit : > Hi Pierre-Elliott, > > Thanks for looking into this. If you have a plan in mind please go > for it. I wont be able to give much attention before a week or two. Dear Christophe, Your patch and my fixes were implemented in the tracker in commit https://salsa.debian.org/qa/distro-tracker/commit/0e4f25ec86b09f30f65a0de05db0f98b487f1c76 I took advantage of these changes to make some other that were relevant, either due to the code base evolution since your patch proposal or to enhance your patch. The whole diff is here: https://salsa.debian.org/qa/distro-tracker/compare/7fa328dcc5222722b546d7dff61b97029b39aff0...a713822ea72eadad1fc01037101f6775156d5193 Thanks for your initial input! -- Pierre-Elliott Bécue GPG: 9AE0 4D98 6400 E3B6 7528 F493 0D44 2664 1949 74E2 It's far easier to fight for one's principles than to live up to them.Attachment: signature.asc
Description: PGP signature
--- End Message ---