Debian Package Tracker

From: Steffen Joeris <white@debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted horde3 3.2.2+debian0-2+lenny2 (source all)
Date: Thu, 07 Jan 2010 13:58:28 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Tue, 05 Jan 2010 13:02:24 +0100
Source: horde3
Binary: horde3
Architecture: source all
Version: 3.2.2+debian0-2+lenny2
Distribution: stable-security
Urgency: high
Maintainer: Horde Maintainers <pkg-horde-hackers@lists.alioth.debian.org>
Changed-By: Steffen Joeris <white@debian.org>
Description: 
 horde3     - horde web application framework
Changes: 
 horde3 (3.2.2+debian0-2+lenny2) stable-security; urgency=high
 .
   * Non-maintainer upload by the security team
   * Fix several cross-site scripting vulnerabilities via crafted number
     preferences or inline MIME text parts when using text/plain as MIME
     type (horde ticket #8311 and #8399) (Issue was fixed in the previous
     version, but adjusting the conffile was missing)
     Fixes: CVE-2009-3237
   * Fix cross-site scripting vulnerability via data:text/html values in
     an HTML email message (horde ticket #8715)
     Fixes: CVE-2009-4363
   * Fix several cross-site scripting vulnerabilities via the PATH_INFO
     variable due to use of the PHP_SELF variable
     Fixes: CVE-2009-3701
Checksums-Sha1: 
 45d397abfeeb22b444947c341fe5401af952f974 1389 horde3_3.2.2+debian0-2+lenny2.dsc
 2b964dd68f370d8dfdeaf86a7363cef8d73d51d6 27993 horde3_3.2.2+debian0-2+lenny2.diff.gz
 9fdadfb78ca9ed1af14fffb193e0171fc0949c60 7240984 horde3_3.2.2+debian0-2+lenny2_all.deb
Checksums-Sha256: 
 946912281e615fcde1e3f7c8ce795039f7cdc88da3c1d0fbaacd7eacb83a9ac0 1389 horde3_3.2.2+debian0-2+lenny2.dsc
 bacea9fc2bae3c74fae92673813a3fc90aa8ab7efc87a68772d4c01af15d0bb5 27993 horde3_3.2.2+debian0-2+lenny2.diff.gz
 98f9934dd72c31ea2fbc19e54676b8a5103aaadbed57dde6a3046807968c09c7 7240984 horde3_3.2.2+debian0-2+lenny2_all.deb
Files: 
 c7d03777a3a09845206364f689752f30 1389 web optional horde3_3.2.2+debian0-2+lenny2.dsc
 866df86724501fbd550d5e164e4cdd3c 27993 web optional horde3_3.2.2+debian0-2+lenny2.diff.gz
 9298abd370d67b6a4861f015e330d1c5 7240984 web optional horde3_3.2.2+debian0-2+lenny2_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAktDPegACgkQ62zWxYk/rQfbVQCeJ3XCmfJEPBHnj9wRIhtlMkyo
8rMAnRxVBNczAG+53bbPh5lzkIN4t6ob
=K97o
-----END PGP SIGNATURE-----


Accepted:
horde3_3.2.2+debian0-2+lenny2.diff.gz
  to main/h/horde3/horde3_3.2.2+debian0-2+lenny2.diff.gz
horde3_3.2.2+debian0-2+lenny2.dsc
  to main/h/horde3/horde3_3.2.2+debian0-2+lenny2.dsc
horde3_3.2.2+debian0-2+lenny2_all.deb
  to main/h/horde3/horde3_3.2.2+debian0-2+lenny2_all.deb
News for package horde3
