-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Wed, 19 Jul 2006 22:12:06 +0200 Source: mantis Binary: mantis Architecture: source all Version: 0.19.4-3.1 Distribution: unstable Urgency: high Maintainer: Igor Genibel <igenibel@debian.org> Changed-By: Thijs Kinkhorst <thijs@debian.org> Description: mantis - web-based bug tracking system Closes: 361138 378353 Changes: mantis (0.19.4-3.1) unstable; urgency=high . * Non-maintainer upload for security issues. * CVE-2006-1577: Multiple cross-site scripting (XSS) vulnerabilities in view_all_set.php. Apply upstream patch. (Closes: #361138) * CVE-2006-0841: Multiple cross-site scripting (XSS) vulnerabilities in view_all_set.php, manage_user_page.php, view_filters_page.php, proj_doc_delete.php. Apply selected upstream patches where relevant to our version. (Closes: #378353) * Fix the following lintian errors (many warnings remain): - debian/rules misses required target binary-arch - wrong path to interpreter /usr/local/bin/php - build-depends-indep should be build-depends debhelper Files: 5b2decbea98d8c8e54b26387a9e8c88a 568 web optional mantis_0.19.4-3.1.dsc f6c1d5698f908030e8f7db8663d9ce0c 39732 web optional mantis_0.19.4-3.1.diff.gz 4eb93da449dc96d8d642f8fdf332b193 903400 web optional mantis_0.19.4-3.1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) iD8DBQFEvpJbJdKMxZV9WM8RAiMfAKDRyHZHsxAo7rtVhp9jFMINlYUhggCgiZ4s rolfnUBBWSWCfxAswMbpQoA= =Pi+9 -----END PGP SIGNATURE----- Accepted: mantis_0.19.4-3.1.diff.gz to pool/main/m/mantis/mantis_0.19.4-3.1.diff.gz mantis_0.19.4-3.1.dsc to pool/main/m/mantis/mantis_0.19.4-3.1.dsc mantis_0.19.4-3.1_all.deb to pool/main/m/mantis/mantis_0.19.4-3.1_all.deb