Bug#600790: release.debian.org: unblock: fusionforge/5.0.2-3
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Hi,
I'd like to request an unblock for fusionforge/5.0.2-3. The changes are
minimal, and come from a dozen upstream commits, some backported from
trunk. In terms of bugs closed: a serious one (hang during removal of
one of the subpackages), and an important one rendering a plugin
inoperant on systems not upgraded from Lenny. Also, an XSS
vulnerability closed in a (rarely used) plugin, and a bug where an admin
could delete more mailing-lists than reasonable (which may or may not be
considered a security problem depending on whether admins are considered
trusted or not). The latter two prompted me to use a medium urgency for
the upload.
fusionforge (5.0.2-3) unstable; urgency=medium
* Fixed Mediawiki creation script so it uses the appropriate database
and user (closes: #600605).
* Fixed hang during removal of -mta-postfix in some conditions (closes:
#600583).
* Plugged XSS vulnerability discovered by "Bluetouff" in
-plugin-globalsearch.
* Backport from trunk: stricter checking of mailing-list name during
deletion, to avoid potential deleting of unintended lists.
-- Roland Mas <lolando@debian.org> Tue, 19 Oct 2010 20:44:49 +0200
Thanks!
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
--
Roland Mas
We reject: kings, presidents and voting.
We believe in: rough consensus and running code. -- IETF
Reply to: