Debian Package Tracker

From: Hector Romojaro <hromojaro@dia.uned.es>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted dotlrn 2.5.0+dfsg-2 (source all)
Date: Sun, 28 Nov 2010 10:32:46 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 25 Nov 2010 13:48:29 +0100
Source: dotlrn
Binary: dotlrn
Architecture: source all
Version: 2.5.0+dfsg-2
Distribution: unstable
Urgency: high
Maintainer: Hector Romojaro <hromojaro@dia.uned.es>
Changed-By: Hector Romojaro <hromojaro@dia.uned.es>
Description: 
 dotlrn     - e-learning portal system based on OpenACS
Closes: 599608 599609 602151
Changes: 
 dotlrn (2.5.0+dfsg-2) unstable; urgency=high
 .
   * Fixed severe vulnerability in the api-browser: it was possible to pass
     to the query parameter "path" a relative path, which might contain path
     traversals like ../../.. . With these all files with read permissions
     can be delivered via the server. Applied Patch:
     http://fisheye.openacs.org/changelog/OpenACS/?cs=oacs-5-5:gustafn:20101125091953
   * Updated translations:
     - Japanease. Closes: #602151
     - Vietnamese. Closes: #599609
     - Czech. Closes: #599608
Checksums-Sha1: 
 01bd8140199d268bcf402b5f9426af06efaf20d7 1238 dotlrn_2.5.0+dfsg-2.dsc
 ea0f69debb4d77248458683477730aad19946ca4 51093 dotlrn_2.5.0+dfsg-2.diff.gz
 d2eaab1c11bd3741bac7036b3c3728cc59ece6fb 26128262 dotlrn_2.5.0+dfsg-2_all.deb
Checksums-Sha256: 
 47408b298bcd10fc2b2fa1fcb2fea27fa23179cada3f9de86488b9ec9bfe8ef7 1238 dotlrn_2.5.0+dfsg-2.dsc
 e441a06f28966606bc11562d4e52b2d30d9b729a94118449296c149d2c398c58 51093 dotlrn_2.5.0+dfsg-2.diff.gz
 894f365ce4594c3d3205c057dcd3602430dd58e45c2c73ccb2949808cfcb482c 26128262 dotlrn_2.5.0+dfsg-2_all.deb
Files: 
 2cf19a29b366d351dc30ac995ce8412e 1238 web optional dotlrn_2.5.0+dfsg-2.dsc
 6f91475fef8c67d47dd678552c5c7d29 51093 web optional dotlrn_2.5.0+dfsg-2.diff.gz
 118f8bc176aba52a7e80cbe7c0fc1ce9 26128262 web optional dotlrn_2.5.0+dfsg-2_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkzyK8oACgkQpFNRmenyx0dbdACg0x9YfktSUNy01qx7d+O3G6yL
ZNUAnRU5QHCM7HmGkFkX/pzRTE8eysyI
=3kLJ
-----END PGP SIGNATURE-----


Accepted:
dotlrn_2.5.0+dfsg-2.diff.gz
  to main/d/dotlrn/dotlrn_2.5.0+dfsg-2.diff.gz
dotlrn_2.5.0+dfsg-2.dsc
  to main/d/dotlrn/dotlrn_2.5.0+dfsg-2.dsc
dotlrn_2.5.0+dfsg-2_all.deb
  to main/d/dotlrn/dotlrn_2.5.0+dfsg-2_all.deb
News for package dotlrn
