Re: Moin update in testing
On Sun, 2012-12-30 at 17:04 +0000, Steve McIntyre wrote:
> On Sun, Dec 30, 2012 at 08:04:23AM +0100, Salvatore Bonaccorso wrote:
> >> +moin (1.9.4-8+deb7u1) testing-proposed-updates; urgency=high
[...]
> >> + + fix remote code execution vulnerability in twikidraw/anywikidraw
> >> + actions (CVE-2012-XXXX).
> >> + + fix path traversal vulnerability in AttachFile action
> >> + (CVE-2012-XXXX).
[...]
> >In meantime CVE's where assigned to moin for these issues. If not yet
> >uploaded to t-p-u could you include these? They are CVE-2012-6080
> >(path traversal vulnerability) and CVE-2012-6081 (remote code
> >execution vulnerability).
[...]
> It's already uploaded, but I'll update the changelog in git so that
> it'll be updated for future uploads.
fwiw:
Dec 30 02:26:03 processing /moin_1.9.4-8+deb7u1_amd64.changes
Dec 30 02:26:03 GnuPG signature check failed on moin_1.9.4-8+deb7u1_amd64.changes
Dec 30 02:26:03 /moin_1.9.4-8+deb7u1_amd64.changes has bad PGP/GnuPG signature!
Dec 30 02:26:03 Removing /moin_1.9.4-8+deb7u1_amd64.changes, but keeping its associated files for now.
The rest of the files are indeed still in the upload queue, so uploading
a fixed .changes should work.
Regards,
Adam
Reply to: