-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 05 Feb 2021 11:35:35 -0400 Source: spip Architecture: source Version: 3.2.4-1+deb10u4 Distribution: buster-security Urgency: high Maintainer: David Prévot <taffit@debian.org> Changed-By: David Prévot <taffit@debian.org> Changes: spip (3.2.4-1+deb10u4) buster-security; urgency=high . * Document CVE IDs in previous changelog entries * Backport security fixes from 3.2.9 - PHP injections, XSS and secrets stored in session file Checksums-Sha1: 861a19c6fb59810cae29d9157d90d0a302dad9d3 1513 spip_3.2.4-1+deb10u4.dsc b3597601cfb79748e95f503fdf263edcca36a51c 88048 spip_3.2.4-1+deb10u4.debian.tar.xz 0d2e4496d67d5b47653870a46da6df60d4dc449b 7876 spip_3.2.4-1+deb10u4_amd64.buildinfo Checksums-Sha256: e6aae2473597b1ca5bd23e55d5ff23449d45de0a35553c928123a884b20e2068 1513 spip_3.2.4-1+deb10u4.dsc 1b730c74eabe88d6a05586b4faaa50b2336321ad1abb830ff94b48defd6e5132 88048 spip_3.2.4-1+deb10u4.debian.tar.xz 4a0558136e76e18569776c75757dec3fbb8ce35d657b235528cf0eeacd3ee1d1 7876 spip_3.2.4-1+deb10u4_amd64.buildinfo Files: 0a73c97b41d33a7d166c0f76fb6a1516 1513 web optional spip_3.2.4-1+deb10u4.dsc 7bb5b75c84b448277250ddf3c90d24f7 88048 web optional spip_3.2.4-1+deb10u4.debian.tar.xz 7facd6f792f5f00fa24b3b3ef95e2cc6 7876 web optional spip_3.2.4-1+deb10u4_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQFGBAEBCAAwFiEEeHVNB7wJXHRI941mBYwc+UT2vTwFAmAqYS0SHHRhZmZpdEBk ZWJpYW4ub3JnAAoJEAWMHPlE9r08EuoH/1GKg7p+4rsnwoiudsaBQmyhl6nJsvmJ a7bvZUn6aoA1R/jSQaLAJcBjUBxyb+CtzC+s2eLZQ8a4aMGqdWIK0D2HR8T6B4ae a+iypjFxojgGnil7K/7mqbCpxO4XKtQWquglQJfRscsoCKB/SdMFidjtBN/XfTWi +Maheb0aINtzFwv2njbL23eQS8xhGWU0hCcP1GgXCRXSi9lUqKKLaEyVUPKd7oSO sJAu6MDnXkQy7G0zjk+Y2UyE8Zi0FQx4jXyfYLD+oZnBae6M+eOjJw9O4sJAc8DR hdHeA4RkzHWeffCR7kxkQysblbX9qTwHV0vkTD0DwxFwTyH7MHa6k/8= =SHI+ -----END PGP SIGNATURE-----