-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 24 Nov 2025 20:51:45 +0100
Source: tryton-sao
Binary: tryton-sao
Architecture: source all
Version: 6.0.28+ds1-2+deb12u2
Distribution: bookworm-security
Urgency: high
Maintainer: Debian Tryton Maintainers <team+tryton-team@tracker.debian.org>
Changed-By: Mathias Behrle <mathiasb@m9s.biz>
Description:
tryton-sao - Tryton application platform - web client
Changes:
tryton-sao (6.0.28+ds1-2+deb12u2) bookworm-security; urgency=high
.
* Add 02_escape_completion_content.patch
Patch for security issue:
https://foss.heptapod.net/tryton/tryton/-/issues/14363
Stored XSS Vulnerability Found in Party Field Leading to Arbitrary
JavaScript Execution
S.a. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121233
Checksums-Sha1:
b9649250ec12d7c5faee44e4d6572cff585b2de5 2103 tryton-sao_6.0.28+ds1-2+deb12u2.dsc
f05aed20a788336d0a47ccbc0a23c3b47ba1c44e 1478128 tryton-sao_6.0.28+ds1.orig.tar.xz
8baa5197007294b6823a883372f28219388b44c6 35044 tryton-sao_6.0.28+ds1-2+deb12u2.debian.tar.xz
937aa4cdcb60604756e34d9ccc21f9a7a22c8f1d 1610860 tryton-sao_6.0.28+ds1-2+deb12u2_all.deb
c3713104d980eaa69fccd1d9929910efd86d0b70 9166 tryton-sao_6.0.28+ds1-2+deb12u2_amd64.buildinfo
Checksums-Sha256:
52ff15a01e5f7f41bde1993da18ae8e0aa588456934c546ddbcede77e7ee6b75 2103 tryton-sao_6.0.28+ds1-2+deb12u2.dsc
9015dbf277aab274095a20599783d9919eca16ecd9b6d79d565bb1543ac55a39 1478128 tryton-sao_6.0.28+ds1.orig.tar.xz
9dd3b68dd767108ee32d68870c6daa81b095502e7e223c4ab94d5ae5a60bebf7 35044 tryton-sao_6.0.28+ds1-2+deb12u2.debian.tar.xz
93afb65c8e287cb3a96cbec96fe6529be6a904e9521112c29b2e292eb374368d 1610860 tryton-sao_6.0.28+ds1-2+deb12u2_all.deb
1fa80d8cbd60cbe9cbfa0b41038a8501cf0398ea425a43b3ef53ad172fc4edac 9166 tryton-sao_6.0.28+ds1-2+deb12u2_amd64.buildinfo
Files:
4ce9ae0d8306261909e97d2e9618f63f 2103 web optional tryton-sao_6.0.28+ds1-2+deb12u2.dsc
c410046e8400409f98f8c1ba37cfbc29 1478128 web optional tryton-sao_6.0.28+ds1.orig.tar.xz
66c38e90b11e207c291cd8b12940d2af 35044 web optional tryton-sao_6.0.28+ds1-2+deb12u2.debian.tar.xz
bc2f5c0b01c1042a6da1844923d75c7d 1610860 web optional tryton-sao_6.0.28+ds1-2+deb12u2_all.deb
14c9e988e1565c4852e5908f0db6f998 9166 web optional tryton-sao_6.0.28+ds1-2+deb12u2_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
Comment: Signed by Mathias Behrle
iQJFBAEBCgAvFiEErCl+XEa50LYccXaB1tCb5IQFu/YFAmkkuBMRHG1hdGhpYXNi
QG05cy5iaXoACgkQ1tCb5IQFu/ZfmQ//WTQfG+wVXRdpY192jClYnD1h2VQIjC5n
K3rXVdpmq20BIJk9ialeSvnrV3UwNX0o310XCG0FKNi8/cCLnP/z8toBAesW2v7S
IixBSXNG3ZUQgEQ00WEH6RsjUFEt4IdEt58lOXYgAF8h5bpZtoykw4PN66A7GUlQ
Cr7f8JLuP7HyZxl9TAFBcIYzHuLBNvyB3YmMw4NKo7OfESzUpzTpDmqGJxgQ+9+i
MBGs0cb5gV7Btn64dGSiig1SCc/AQ8tSjgTDehyHX7JhtPenB/SMdqzSBd/pHkBt
vkvFGNR0MLBAiKTlBP20TWiZSQApW8VfzWKvq3Df6z/D2dsOn1VEHFUxJMl+xGag
MVp642B1G5udUNFLdHz7UM5OeGB9YRGTaFKTo7HxgxNXjLKIm/80s0L4FJYMB66n
j25PRO3cMF/07OIRWYqZBbCNZUBDC/rLPM306nVypuX8JpAlT4bUNWQGkrUlZq+c
03a3TgJxPUQgCSf8gUo3shS2jKml1gbeqwUPCWHkc2Hp9a/PbhjC5WEiNRPtICoJ
tteAirIbfnuXB21et3SX1OsYrTpVVC1o2+j4sTLE3xrYU3+EO+Z/GpBx4mu7kav4
3u7c7Ln8jEGLLhn4ov7PO6qgpZIUiHknu2iWJMAAEd3rtMAAfXxeL0LyyCNLK1ri
ZwSDUzWIBoI=
=PjDh
-----END PGP SIGNATURE-----
