Steve Langasek <vorlon@debian.org> writes: > On Wed, Feb 21, 2007 at 10:22:22AM +0100, Marc 'HE' Brockschmidt wrote: >> Christian Perrier <bubulle@debian.org> writes: >> > I have just uploaded a NMU of twiki, to fix its pending l10n >> > issues (and, if needed, very minor QA issues). >> Unblocked (including the security fix which needed to go to testing >> anyway) > But is blocked by a policy violation, #410803. Which was fixed in -9, but doesn't seem to be fixed in the BTS. Now that I look for this problem, it's easy to see: +twiki (1:4.0.5-9) unstable; urgency=emergency + + * move cgi-bin/.htaccess to apache.conf and remove // from end of defaultsiteurl + (Closes #408380) + * add liburi-perl dependancy for MailerContrib (Closes #408748) + * add libhtml-parser-perl for WysiwygPlugin (Closes #408748) + * secure the session files, and use file time to expire them + Arbitrary code execution in session files (CVE-2007-0669) (Closes #410256) + * update index.html to 4.0.5 version + * updated Czech (cs.po) translation (Closes #408659) + * moved twiki-pub.tar.gz to /usr/share/twiki (Closes #410803) + * changed samplefiles prompt to remove yes/no assumption + * unpatch on clean (missing a : after each Closes). Anyway, I have sent a separate a mail to close these bugs. Marc -- Fachbegriffe der Informatik - Einfach erklärt (261: Imperative Programmierung) Die meisten Menschen sind nunmal aber daran gewöhnt, einen Vorgang in einzelne Anweisungen aufzuteilen (Geh in Kueche, Öffne Kühlschrank, Nimm Pizza, ...) (Daniel Fischer)
Attachment:
pgphXctj6cxyc.pgp
Description: PGP signature