-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Sat, 29 Oct 2005 22:35:09 +0200 Source: mantis Binary: mantis Architecture: source all Version: 0.19.3-0.1 Distribution: unstable Urgency: high Maintainer: Hilko Bengen <bengen@debian.org> Changed-By: Thijs Kinkhorst <kink@squirrelmail.org> Description: mantis - web-based bug tracking system Closes: 312749 319625 323914 328959 330682 332021 334523 335938 Changes: mantis (0.19.3-0.1) unstable; urgency=high . * NMU for RC Security bug. * New upstream security bugfix release. * Incorporates backported security fixes from -4 * Plus, fixes even more issues: - 0005247: Real email addresses are visible when using reminders [CVE-2005-3338] - 0005751: Javascript XSS vulnerability [CVE-2005-3091] - 0006097: user ID is cached indefinately [CVE-2005-3339] - 0006273: File Inclusion Vulnerability [CVE-2005-3335] - 0006275: SQL injection [CVE-2005-3336] (Closes: #330682, #335938). * Add missing CVE id to previous changelog. * Fix adodb symlink, so the package is installable again (Closes: #323914). * Fix debconf dependency (Closes: #332021). * Add alternative mysql-client-5.0 to mysql-client dependency (Closes: #334523). * Add debconf-updatepo to 'clean' target (Closes: #328959). * Add debconf translations for Vietnamese and Czech, thanks to Clytie Siddall and Miroslav Kure. (Closes: #312749, #319625) * Update FSF address in debian/copyright. Files: 62240a5cbc798f7c14f5acec7f9f3255 572 web optional mantis_0.19.3-0.1.dsc b3c1d9f6f66bc5e7e236cc9449aa3ced 1289136 web optional mantis_0.19.3.orig.tar.gz e027cc92f93485b8b3ebedda6053c6bc 37610 web optional mantis_0.19.3-0.1.diff.gz eee1fbd43ece9638e8a8472d8731039c 900692 web optional mantis_0.19.3-0.1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iD8DBQFDY+xC5UTeB5t8Mo0RAgCYAJ4mCh4HeM3K9WBD0iGeFUB0JsusBgCgoS5M XktntkywKZ8QH30RXSTMOTc= =UgP7 -----END PGP SIGNATURE----- Accepted: mantis_0.19.3-0.1.diff.gz to pool/main/m/mantis/mantis_0.19.3-0.1.diff.gz mantis_0.19.3-0.1.dsc to pool/main/m/mantis/mantis_0.19.3-0.1.dsc mantis_0.19.3-0.1_all.deb to pool/main/m/mantis/mantis_0.19.3-0.1_all.deb mantis_0.19.3.orig.tar.gz to pool/main/m/mantis/mantis_0.19.3.orig.tar.gz -- To UNSUBSCRIBE, email to debian-devel-changes-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org