-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Thu, 22 Oct 2009 23:30:00 +0100 Source: typo3-src Binary: typo3 typo3-src-4.0 Architecture: source all Version: 4.0.2+debian-9 Distribution: oldstable-security Urgency: high Maintainer: Christian Welzel <gawain@camlann.de> Changed-By: Christian Welzel <gawain@camlann.de> Description: typo3 - Powerful content management framework (Meta package) typo3-src-4.0 - Powerful content management framework (Core) Closes: 552020 Changes: typo3-src (4.0.2+debian-9) oldstable-security; urgency=high . * Added patches (backported from 4.2.10) to fix the security issues from "TYPO3 Security Bulletin TYPO3-SA-2009-016: Multiple vulnerabilities in TYPO3 Core" with the following CVEs assigned: CVE-2009-3628 TYPO3 Information disclosure CVE-2009-3629 TYPO3 Cross-site scripting CVE-2009-3630 TYPO3 Frame hijacking CVE-2009-3631 TYPO3 Remote shell command execution CVE-2009-3632 TYPO3 SQL injection CVE-2009-3633 TYPO3 API function t3lib_div::quoteJSvalue XSS CVE-2009-3634 TYPO3 Frontend Login Box (felogin) XSS CVE-2009-3635 TYPO3 Insecure Authentication and Session Handling CVE-2009-3636 TYPO3 Install Tool XSS (Closes: 552020). Files: 522ed0d81b54572f24b984a8448d594b 610 web optional typo3-src_4.0.2+debian-9.dsc a0f7dee86225e89e4914633d2401e232 32793 web optional typo3-src_4.0.2+debian-9.diff.gz ba868af9c67e56ba346233e3473b94c6 77256 web optional typo3_4.0.2+debian-9_all.deb 030c0d0fa407a74b5d48a24d280e2ce5 7696110 web optional typo3-src-4.0_4.0.2+debian-9_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFK8cM+UHLQNqxYNSARAvCOAKCQzYlrBYukelnpyUQkqsrIMGKLrwCbBPZ4 lF4fFfF4wWCaM6LkdrkXwBE= =4waN -----END PGP SIGNATURE----- Accepted: typo3-src-4.0_4.0.2+debian-9_all.deb to main/t/typo3-src/typo3-src-4.0_4.0.2+debian-9_all.deb typo3-src_4.0.2+debian-9.diff.gz to main/t/typo3-src/typo3-src_4.0.2+debian-9.diff.gz typo3-src_4.0.2+debian-9.dsc to main/t/typo3-src/typo3-src_4.0.2+debian-9.dsc typo3_4.0.2+debian-9_all.deb to main/t/typo3-src/typo3_4.0.2+debian-9_all.deb