-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Sun, 19 Jun 2005 13:51:16 -0300 Source: trac Binary: trac Architecture: source all Version: 0.8.1-3sarge1 Distribution: stable-security Urgency: critical Maintainer: Jesus Climent <jesus.climent@hispalinux.es> Changed-By: Otavio Salvador <otavio@debian.org> Description: trac - Enhanced wiki and issue tracking system for software development Changes: trac (0.8.1-3sarge1) stable-security; urgency=critical . * debian/patches/10_upload_vuln.patch: - Fixed file upload vulnerability. Trac could be tricked into uploading files outside the environment directory. Files: b42492026a6cddc92760b9335453ccac 655 web optional trac_0.8.1-3sarge1.dsc 7384742dd15ce1f6eea4e6b4e61a711f 6198 web optional trac_0.8.1-3sarge1.diff.gz 9205779982c5ef33bb33a888fc0eefb8 196704 web optional trac_0.8.1-3sarge1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFCtcWCLqiZQEml+FURAgKEAKCvNMwJCcx6wzt51qqlaZm/X6hyJACgjiUD 0AZjK6gKDLNkFcF9EjIH9Go= =A8fh -----END PGP SIGNATURE----- Accepted: trac_0.8.1-3sarge1.diff.gz to pool/main/t/trac/trac_0.8.1-3sarge1.diff.gz trac_0.8.1-3sarge1.dsc to pool/main/t/trac/trac_0.8.1-3sarge1.dsc trac_0.8.1-3sarge1_all.deb to pool/main/t/trac/trac_0.8.1-3sarge1_all.deb -- To UNSUBSCRIBE, email to debian-testing-changes-request@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org