-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Tue, 23 Dec 2008 18:19:59 +0100 Source: phppgadmin Binary: phppgadmin Architecture: source all Version: 4.0.1-3.1etch1 Distribution: stable-security Urgency: high Maintainer: Isaac Clerencia <isaac@debian.org> Changed-By: Giuseppe Iuculano <giuseppe@iuculano.it> Description: phppgadmin - Set of PHP scripts to administrate PostgreSQL over the WWW Closes: 427151 449103 508026 Changes: phppgadmin (4.0.1-3.1etch1) stable-security; urgency=high . * Non-maintainer upload. * debian/patches/01_CVE-2008-5587.dpatch: Unset language variable before determine file includes (Closes: #508026), and fix local file inclusion vulnerability (CVE-2008-5587) * debian/patches/02_CVE-2007-2865_CVE-2007-5728.dpatch: Backported upstream patch to fix XSS vulnerability (Closes: #427151) (Closes: #449103) (CVE-2007-2865, CVE-2007-5728) Files: e6dea463d597f6dda40d774820e3bb03 890 web extra phppgadmin_4.0.1-3.1etch1.dsc eedac65ce5d73aca2f92388c9766ba1b 703673 web extra phppgadmin_4.0.1.orig.tar.gz 1cbe0f619e65a8c49894e8c0fe015fb5 15678 web extra phppgadmin_4.0.1-3.1etch1.diff.gz 1f5b68f6be269eb3c10646cd8d69c31c 704386 web extra phppgadmin_4.0.1-3.1etch1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBSVTf4Wz0hbPcukPfAQLxNwf+M87yBiWJ1T6xHGZQyFl7PSLcJo2xapRu pYPWXV/I9VPjz1gglrCP9SsS6sNfruMGNZZ47mtwlLK/ak/SSyxU2tVPoLPcTAu1 oackQkEUtZNKvhJvZBxzvO+qz7GqgpPgvpp/KRbusr6JAcW0RZZ++2gwjghSy5ej ALbzf4mH+Mcaw9iwxn5+Y60y2iPfXaLy0P19fAsruJ+IU+bal+ijgPMyIYIyNXje Jke6g9mZAgDJSesPjiyfzhSxyatO7zM+JlylZbmkC7KJSZhYvu5V8X1MnP6ve5pI 4xyEu7OAm53xrUAVRtMXzC7snUJzgNxTREoVfaRw13iQYiA4gCwyAg== =PXUO -----END PGP SIGNATURE----- Accepted: phppgadmin_4.0.1-3.1etch1.diff.gz to pool/main/p/phppgadmin/phppgadmin_4.0.1-3.1etch1.diff.gz phppgadmin_4.0.1-3.1etch1.dsc to pool/main/p/phppgadmin/phppgadmin_4.0.1-3.1etch1.dsc phppgadmin_4.0.1-3.1etch1_all.deb to pool/main/p/phppgadmin/phppgadmin_4.0.1-3.1etch1_all.deb