-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Fri, 12 Aug 2011 09:04:11 +0800 Source: dtc Binary: dtc-common dtc-dos-firewall dtc-postfix-dovecot dtc-core dtc-cyrus dtc-postfix-courier dtc-stats-daemon dtc-toaster dtc-autodeploy Architecture: source all Version: 0.34.1-1 Distribution: unstable Urgency: high Maintainer: Thomas Goirand <zigo@debian.org> Changed-By: Thomas Goirand <zigo@debian.org> Description: dtc-autodeploy - Autodeploy the DTC in a single non-interactive debconf command dtc-common - web control panel for admin and accounting hosting services (comm dtc-core - web control panel for admin and accounting hosting services (fewe dtc-cyrus - web control panel for admin and accounting hosting services (cyru dtc-dos-firewall - small anti-DoS firewall script for your web, ftp and mail servers dtc-postfix-courier - web control panel for admin and accounting hosting services (more dtc-postfix-dovecot - meta package to setup a minimal DTC server with Dovecot dtc-stats-daemon - dtc-xen VM statistics for the dtc web control panel dtc-toaster - web control panel for admin and accounting hosting services (meta Closes: 566654 599087 633617 637469 637477 637485 637487 637498 637505 637537 637584 637617 637618 637629 Changes: dtc (0.34.1-1) unstable; urgency=high . * New upstream version with lots of security fixes: - Passwords are now hashed (Closes: #566654). - The addrlink is now checked properly, thanks to Ansgar Burchardt <ansgar@debian.org> for reporting it (Closes: #637487). - Mailing lists tunables options are now correcly escaped before the files are being written with an echo, thanks to Ansgar Burchardt <ansgar@debian.org> for reporting it (Closes: #637477). - Removed sourceless built of OSX mod_log_sql, removed unwanted iglobalwall useless files, thanks to Ansgar Burchardt <ansgar@debian.org> for reporting it (Closes: #637469). - Fixes logPushlet input checking, thanks to Mike O'Connor <stew@vireo.org> for reporting it (Closes: #637498). - Removes grayboard skin as it is missing some js scripts, thanks to Mike O'Connor <stew@vireo.org> for reporting it (Closes: #637505). - Sets apache2.conf not to be world readable because it contains the password for accessing the dtcdaemon database (Closes: #637485). - Adds output escaping in the DNS & MX form (Closes: #637584). - Install now does chmod 640 /var/log/dtc.log chown root:adm /var/log/dtc.log (Closes: #637617). - Checks for validity of package name in the package installer before installing a package (Closes: #637629). - Now using a dtc-chroot-wrapper to avoid giving a too permissive access to chrootuid, which was giving root access to apache (Closes: #637618). - Don't use htpasswd -b, since it's showing the password on a ps. Using crypt() and fwrite() now. (Closes: #637537). * Added ja.po debconf translation thanks to Hideki Yamane <henrich@debian.org> (Closes: #599087). * Changed reference to mysql-server-5.0 to mysql-server-5.1, thanks to Mike O'Connor <stew@vireo.org> for reporting it (Closes: #633617). Checksums-Sha1: 075e5523539dc632549c4cc114cbad273fbc3f3f 1243 dtc_0.34.1-1.dsc 7f2d9cddb5373a97b769e6c431b9e28dc1e85fa8 8195790 dtc_0.34.1.orig.tar.gz b2ace6b766203848c5ab234aa1179c3b160eb416 91084 dtc_0.34.1-1.diff.gz 9598121571e4d6d757ab2d3fd6dbe78f28cd9912 2428700 dtc-common_0.34.1-1_all.deb 9aee43c855853d457e15fac2c5a263443e78190f 32538 dtc-dos-firewall_0.34.1-1_all.deb efee999fd6f867faea7bf61066859bdd10a69878 30940 dtc-postfix-dovecot_0.34.1-1_all.deb 5995f91a319fec8ba75857731b0d3daba1923379 30994 dtc-core_0.34.1-1_all.deb 387594afed847e167fa86c8cf8369d0d56c88e0c 31080 dtc-cyrus_0.34.1-1_all.deb c2ff3fb9406274a4a8e25b7fecb43edb21b4d35a 31098 dtc-postfix-courier_0.34.1-1_all.deb 626e4325bf7481c1bd2e3a9f802c30b5047946b9 37470 dtc-stats-daemon_0.34.1-1_all.deb 5d6387aa198b5e4f4614385d163c14f50e0bdace 30972 dtc-toaster_0.34.1-1_all.deb 0adef915d634fa50a2ce58e446347635058a548b 34310 dtc-autodeploy_0.34.1-1_all.deb Checksums-Sha256: b752a496b2a5ea2b3b44a53eb89377bdfb02bc0d87eb9b5913cc755516bab7d3 1243 dtc_0.34.1-1.dsc 5e7822c0e61f297bcdfa5f854a66955e612287117c2733b1394b50ac50846626 8195790 dtc_0.34.1.orig.tar.gz 6e44a929931ad58f022a3c2fe3726d175e28b8fd85576970f3c8e3cc1167c0a6 91084 dtc_0.34.1-1.diff.gz 09057caf79af0ba5c9d58b6fcd5e2e83ca931dd3e6cc1e1ac7c36476ddd1197f 2428700 dtc-common_0.34.1-1_all.deb b0d327ae55a23b4d395b6c764668282508d6ceefc9ebc5f447efa1b265a86338 32538 dtc-dos-firewall_0.34.1-1_all.deb 4a3cf4cb4fb2568a0ec1bd7d9ea9fbd58c11138af924b16851933ace6e19decf 30940 dtc-postfix-dovecot_0.34.1-1_all.deb d5e23b6ddb212a80782d321fc67e5901c2b5bc8f8029874115035096aa09eb12 30994 dtc-core_0.34.1-1_all.deb 3b6894142368cd982f1aa3ec108d4ce9e9f76c8f30cb02910f56f0605e9ac482 31080 dtc-cyrus_0.34.1-1_all.deb 3317ccc9b6346c1899c138dffa6783451a68023b3cf8304a3f830003645bb1de 31098 dtc-postfix-courier_0.34.1-1_all.deb 5666404a689f3af50acbafcf028de5f97ddcd70bd237d13d79272887a4c0af4a 37470 dtc-stats-daemon_0.34.1-1_all.deb 7fce77b35fb440f8675dfcbd8b1f0074e1e05d662c4c19f4186fc2541e372e3a 30972 dtc-toaster_0.34.1-1_all.deb 181ef8bd2dc281dd4fe38075c8115c1c8e74cc91d4d599c7ac36427bb5e0e0bc 34310 dtc-autodeploy_0.34.1-1_all.deb Files: 4693b32cfd5cd3872f2d1de8d3382d08 1243 admin extra dtc_0.34.1-1.dsc c4c1ec026296f2e75a5054dc845fe77b 8195790 admin extra dtc_0.34.1.orig.tar.gz d9eeb3f8ba4f77faa95997adaace882b 91084 admin extra dtc_0.34.1-1.diff.gz 7452c7bb25e33d7a70c06c013a16a9dd 2428700 admin extra dtc-common_0.34.1-1_all.deb 08b4211e2a003580b97d0316aa6277c4 32538 admin extra dtc-dos-firewall_0.34.1-1_all.deb 9fe0890ff9d6b66a3cda70dee3ef7d61 30940 admin extra dtc-postfix-dovecot_0.34.1-1_all.deb 8cb49a88dc37819242b10efce2b147d2 30994 admin extra dtc-core_0.34.1-1_all.deb 3a91932a4f9f4529cb2911f28ade222e 31080 admin extra dtc-cyrus_0.34.1-1_all.deb 29deb66619c5f9bb4476b99f927309f8 31098 admin extra dtc-postfix-courier_0.34.1-1_all.deb 0a741750e67e056b5565b71b1bf60de5 37470 admin extra dtc-stats-daemon_0.34.1-1_all.deb e634ee96a0ae0c1a35a7a0e6c1472732 30972 admin extra dtc-toaster_0.34.1-1_all.deb 31f043aff445dec66e910d3c9644cdbe 34310 admin extra dtc-autodeploy_0.34.1-1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iEYEARECAAYFAk5P4UYACgkQl4M9yZjvmkkinACfRS4V970BAItweGiSVGPZIMlI rNAAnReg8FAJjkPuNSaa/Y3zOXicz0c3 =bu2M -----END PGP SIGNATURE----- Accepted: dtc-autodeploy_0.34.1-1_all.deb to main/d/dtc/dtc-autodeploy_0.34.1-1_all.deb dtc-common_0.34.1-1_all.deb to main/d/dtc/dtc-common_0.34.1-1_all.deb dtc-core_0.34.1-1_all.deb to main/d/dtc/dtc-core_0.34.1-1_all.deb dtc-cyrus_0.34.1-1_all.deb to main/d/dtc/dtc-cyrus_0.34.1-1_all.deb dtc-dos-firewall_0.34.1-1_all.deb to main/d/dtc/dtc-dos-firewall_0.34.1-1_all.deb dtc-postfix-courier_0.34.1-1_all.deb to main/d/dtc/dtc-postfix-courier_0.34.1-1_all.deb dtc-postfix-dovecot_0.34.1-1_all.deb to main/d/dtc/dtc-postfix-dovecot_0.34.1-1_all.deb dtc-stats-daemon_0.34.1-1_all.deb to main/d/dtc/dtc-stats-daemon_0.34.1-1_all.deb dtc-toaster_0.34.1-1_all.deb to main/d/dtc/dtc-toaster_0.34.1-1_all.deb dtc_0.34.1-1.diff.gz to main/d/dtc/dtc_0.34.1-1.diff.gz dtc_0.34.1-1.dsc to main/d/dtc/dtc_0.34.1-1.dsc dtc_0.34.1.orig.tar.gz to main/d/dtc/dtc_0.34.1.orig.tar.gz
