-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Fri, 08 Feb 2008 23:11:21 +0100 Source: wml Binary: wml Architecture: source i386 Version: 2.0.11-1etch1 Distribution: stable-security Urgency: high Maintainer: Frank Lichtenheld <djpig@debian.org> Changed-By: Frank Lichtenheld <djpig@debian.org> Description: wml - off-line HTML generation toolkit Closes: 463907 Changes: wml (2.0.11-1etch1) stable-security; urgency=high . * Non-maintainer upload by security team. * CVE-2008-0665, CVE-2008-0666: Fix insecure temporary file creations in eperl and ipp backends and a similar issue in the wmg.cgi contrib file leading to possible symlink attacks. If you already use wmg.cgi please update your copy (Closes: #463907). Patch by Nico Golde and Frank Lichtenheld. * Add libpng-dev to build-depends since apparently it was previously compiled against it. Files: 3c12d2b00552d3db815957c01c73b2cf 656 web optional wml_2.0.11-1etch1.dsc 3242a88ced8598120cf6aba2bf9f69c4 24577 web optional wml_2.0.11-1etch1.diff.gz be10fe25928ce83aadf119d98eb5cd43 451672 web optional wml_2.0.11-1etch1_i386.deb a26feebf4e59e9a6940f54c69dde05b5 3115230 web optional wml_2.0.11.orig.tar.gz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHrOyoXm3vHE4uyloRAvQ8AKDnPciCI2DenvjBYj6/LKI+FdovdgCfe4/9 szTGceCOPTAd1rzn6M9VE1E= =lOZi -----END PGP SIGNATURE----- Accepted: wml_2.0.11-1etch1.diff.gz to pool/main/w/wml/wml_2.0.11-1etch1.diff.gz wml_2.0.11-1etch1.dsc to pool/main/w/wml/wml_2.0.11-1etch1.dsc wml_2.0.11-1etch1_i386.deb to pool/main/w/wml/wml_2.0.11-1etch1_i386.deb
