Re: [Security] Please hint twiki (again)

To: debian-release@lists.debian.org
Subject: Re: [Security] Please hint twiki (again)
From: Amaya <amaya@debian.org>
Date: Thu, 4 Jan 2007 19:19:23 +0100
Message-id: <[🔎] 20070104181922.GE9690@aenima>
In-reply-to: <20061224101943.GQ17446@aenima>
References: <20061224101943.GQ17446@aenima>

Hi there, Debian Release Managers and other Heroes of the kind
 
twiki in testing is almost unusuable, due to a poor fix for a security bug: 
 #404222: "Security: Phising: Redirect code allows redirection to other hosts" 
causing:
 #405083: twiki: produces an access error every time a page is saved

The complete changelog is:

twiki (1:4.0.5-7) unstable; urgency=medium

  * Add a more useful error message in debian/patches/01_redirect_fix.dpatch
    when fixing #404222, to prevent redirect to other hosts (phishing).
    (Closes: #405083). Urgency medium, because it makes twiki almost unusable.
    Also, the $TWiki::cfg{DefaultUrlHost} in /etc/twiki/LocalSite.cfg must not
    have a trailing slash, which was no problem before.
    Thanks to Kai Pastor Kai" <pastor@uni-mainz.de> and Marcus C. Gottwald
    <gottwald@quantum-hydrometrie.de>.

 -- Amaya Rodrigo Sastre <amaya@debian.org>  Tue,  2 Jan 2007 12:17:36 +0100
 
The upstream version has not changed, only minor patches have
been included, improving the patch for this security issue so that twiki
works well again.
 
Thanks!

-- 
  ·''`.             If I can't dance to it, it's not my revolution
 : :' :                                            -- Emma Goldman
 `. `'           Proudly running Debian GNU/Linux (unstable)
   `-     www.amayita.com  www.malapecora.com  www.chicasduras.com

Reply to:

Prev by Date: Re: Please unblock kqemu, second try
Next by Date: Re: Please unblock kqemu, second try
Previous by thread: Re: Please unblock aircrack-ng (1:0.6.2-6)
Next by thread: Please unblock tendra 4.1.2-16
Index(es):
- Date
- Thread