-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Sun, 14 Oct 2007 13:07:02 +0000 Source: knowledgeroot Binary: knowledgeroot Architecture: source all Version: 0.9.8.4-1.1 Distribution: unstable Urgency: high Maintainer: Frank Habermann <lordlamer@lordlamer.de> Changed-By: Steffen Joeris <white@debian.org> Description: knowledgeroot - web-based knowledgebase system Closes: 444928 Changes: knowledgeroot (0.9.8.4-1.1) unstable; urgency=high . * Non-maintainer upload by the testing-security team * Changed FCKeditor blacklists to whitelists in order to make sure that remote attackers cannot upload arbitrary PHP code via a file whose name contains unknown extensions (Closes: #444928) Fixes: CVE-2007-5156 Files: b5b2dce118842e01e154a824779576a5 599 web optional knowledgeroot_0.9.8.4-1.1.dsc c0dd552cd01480fe09b2fb35010bcbb4 6574 web optional knowledgeroot_0.9.8.4-1.1.diff.gz 2fd0daaaf7406f11c1a4c663c0687af2 1249104 web optional knowledgeroot_0.9.8.4-1.1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHEhd162zWxYk/rQcRAiaUAKCdgJkn60nJAb/fdhDUN7Cmn0SYbgCePWAw Ddiy8651p4aem6SbM1ZRZqA= =oC8w -----END PGP SIGNATURE----- Accepted: knowledgeroot_0.9.8.4-1.1.diff.gz to pool/main/k/knowledgeroot/knowledgeroot_0.9.8.4-1.1.diff.gz knowledgeroot_0.9.8.4-1.1.dsc to pool/main/k/knowledgeroot/knowledgeroot_0.9.8.4-1.1.dsc knowledgeroot_0.9.8.4-1.1_all.deb to pool/main/k/knowledgeroot/knowledgeroot_0.9.8.4-1.1_all.deb
