Re: Upload of mahara 1.0.4-3 to testing-proposed-updates

To: Francois Marier <francois@debian.org>, debian-release@lists.debian.org
Subject: Re: Upload of mahara 1.0.4-3 to testing-proposed-updates
From: Raphael Geissert <atomo64+debian@gmail.com>
Date: Mon, 03 Nov 2008 18:51:42 -0600
Message-id: <490f9ca7.0506d00a.78ce.ffffd2c3@mx.google.com>
References: <20081104002724.GK6578@isafjordur.dyndns.org>

[I read the ML, no need to CC me]

Francois Marier wrote:

> (Please CC me on your replies, thanks)
> 
> Hello,
> 
> I have just uploaded mahara 1.0.4-3 to testing-proposed-updates in order to
> fix these two RC bugs:
> 
>  504170 - CVE-2008-4796: missing input sanitising in Snoopy.class.php
>  504253 - CVE-2007-3215: remote shell command execution in class.phpmailer.php

Just wondering, why don't you do the same for phpmailer? the package in
lenny/sid is libphp-phpmailer.

> 
> The fixes are quite small (as shown in the attached debdiff) and an upload
> through unstable isn't possible since there is a new upstream version in
> there already.
> 
> Francois

Cheers,
-- 
Raphael Geissert - Debian Maintainer
www.debian.org - get.debian.net

Reply to:

Follow-Ups:
- Re: Upload of mahara 1.0.4-3 to testing-proposed-updates
  - From: Francois Marier <francois@debian.org>

References:
- Upload of mahara 1.0.4-3 to testing-proposed-updates
  - From: Francois Marier <francois@debian.org>

Prev by Date: Re: Template Toolkit, Template::DBI and Etch updates breakage
Next by Date: Drop nbsmtp from lenny?
Previous by thread: Re: Upload of mahara 1.0.4-3 to testing-proposed-updates
Next by thread: Re: Upload of mahara 1.0.4-3 to testing-proposed-updates
Index(es):
- Date
- Thread