-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Mon, 16 Jan 2006 17:51:56 +0100 Source: flyspray Binary: flyspray Architecture: source all Version: 0.9.7-2.1 Distribution: stable-security Urgency: high Maintainer: Pierre Habouzit <pierre.habouzit@m4x.org> Changed-By: Thijs Kinkhorst <kink@squirrelmail.org> Description: flyspray - lightweight Bug Tracking System (BTS) in PHP Closes: 335997 Changes: flyspray (0.9.7-2.1) stable-security; urgency=high . * NMU for security issue. . * Fix multiple XSS vulnerabilities found by "Lostmon". The application does not validate multiple variables upon submission to the index.php script. Patch from upstream 0.9.8update1. (Closes: #335997, CVE-2005-3334) Files: b939804b2e4c9c69392cf1c98d0a0997 603 web optional flyspray_0.9.7-2.1.dsc 9fab03b57e7946f60efc441f2c9b7c4f 347441 web optional flyspray_0.9.7.orig.tar.gz aa63664cac0470f94f00b8feda00057a 18274 web optional flyspray_0.9.7-2.1.diff.gz d40f8bf3e2e47a762481cf2ed58dcd3b 343272 web optional flyspray_0.9.7-2.1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iD8DBQFD09aIW5ql+IAeqTIRAnf9AKCY97nqOEVuJFtlps8KaXxY532VHACgsYCc yMVIBOvFlbIMGXbfob9fVp0= =Nyik -----END PGP SIGNATURE----- Accepted: flyspray_0.9.7-2.1.diff.gz to pool/main/f/flyspray/flyspray_0.9.7-2.1.diff.gz flyspray_0.9.7-2.1.dsc to pool/main/f/flyspray/flyspray_0.9.7-2.1.dsc flyspray_0.9.7-2.1_all.deb to pool/main/f/flyspray/flyspray_0.9.7-2.1_all.deb
