-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 07 Feb 2023 15:42:01 +0100 Source: graphite-web Architecture: source Version: 1.1.8-1.1 Distribution: unstable Urgency: medium Maintainer: Debian Graphite Group <team+debian-graphite-team@tracker.debian.org> Changed-By: Christoph Martin <martin@uni-mainz.de> Closes: 1026992 Changes: graphite-web (1.1.8-1.1) unstable; urgency=medium . * NMU * CVE-2022-4728, CVE-2022-4729 & CVE-2022-4730: Prevent a series of cross-site scripting (XSS) vulnerabilties that could have been exploited remotely. Issues existed in the Cookie Handler, Template Name Handler and Absolute Time Range Handler components. (Closes: #1026992) Checksums-Sha1: 92c0ae9a05f6c797fe809a5267d124827ec931d9 2261 graphite-web_1.1.8-1.1.dsc 562ccbe2466bcd150b3863e162b05d5537cd9de1 1177214 graphite-web_1.1.8.orig.tar.gz 924a3bb38ddba7041ebc223f4d7369a24f1c242a 228080 graphite-web_1.1.8-1.1.debian.tar.xz 8d5c4156d584da13d7b44046c973c6f42da3adc3 9104 graphite-web_1.1.8-1.1_amd64.buildinfo Checksums-Sha256: e8de3fe032e6fc1a5cada0f2a8140e392f7f5cf182c5707cd1f68a0073af1de7 2261 graphite-web_1.1.8-1.1.dsc 54240b0f1e069b53e2ce92d4e534e21b195fb0ebd64b6ad8a49c44284e3eb0b1 1177214 graphite-web_1.1.8.orig.tar.gz e6ad37c114f822d416c552232de77cfaa15d78a5fcf3a4491552063f6a7eebfb 228080 graphite-web_1.1.8-1.1.debian.tar.xz 29ef800bcaa1f86fbbb15dcbc2b981913dee0f996f33dbd38983705a6f15e2a2 9104 graphite-web_1.1.8-1.1_amd64.buildinfo Files: 0afc1f3b6239dff93d794fd504daa089 2261 web extra graphite-web_1.1.8-1.1.dsc 088cba7cf97062e101f6c1565fc4c050 1177214 web extra graphite-web_1.1.8.orig.tar.gz 76388533a895162aa52cf8c10d6ddd48 228080 web extra graphite-web_1.1.8-1.1.debian.tar.xz 239b047399e440a91749eb2b80b67f14 9104 web extra graphite-web_1.1.8-1.1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEt1cFkfJ3DVbrq4cu7mlEXgxb5BcFAmPjagYACgkQ7mlEXgxb 5BeGHA/+NAXNOJ7w+Zqpx6QCYVI+tzm3AE8YsIItnl5EQxOVR6bz8TwW85Bs9C9G W/dbmKtqMz7WVlw0rfJ6RDXIJeQT7Pvolrp/yxbieWeZJ84ajyzHzj5vDScy+AOh BFL30QPRqjpbbDII5448J1q/C6o9hpGW7ATNMOK/6IKqLpPv3zRyRFb+KKDZvHhq O9altErYl/eP0l0+Wa9NAE21PpJnMfCdhJdbg8xBfk22wjvMy4ljcStLk0dJazMY onHX7/YGbX0VYDCGIFqUHDiHAPqhTiVHCSGI69igK2Zl5RIWv51l2vsuNw5KVcL8 c5ITOHrDZLiV954VRvyMjr4YYQhm9f88Chxz50YFbuQKR1opcYav+qW5V8Y97VAI T8LCNXtWQ3/jn0TiMpJvvaOyzMh7RyTAL1rU5wIpfZU2EYwV6WCye436XOJOeYML T4aLdycqX3K1eJOTrXn6y/Ie37LJqzgKNm+4uHqWm6GrOoFlU2auYSNr3Vz/KOpE VidKUtrkbhBRYqF4qCaKZLaSnxcWpdt7k2ssg4x/zGQX5iRW1hV2msQKTPHVn1pe 7WHnoOORiTACiRnUi5ysEuoj4EQxaa6+mIq1WjuD3LMumJrRE5mZjd7wgj0NZZDu Rq9nTyXLr0/lUxmRoTS7Cvw2b5faSDro77GBs/TNOGoRSOiKnlw= =WIyC -----END PGP SIGNATURE-----