-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Fri, 16 Feb 2007 17:21:38 +0100 Source: mydms Binary: mydms Architecture: source all Version: 1.4.4+1-5 Distribution: unstable Urgency: high Maintainer: Miguel Gea Milvaques <xerakko@debian.org> Changed-By: Miguel Gea Milvaques <xerakko@debian.org> Description: mydms - open-source document management system based on PHP and MySQL Changes: mydms (1.4.4+1-5) unstable; urgency=high . * Security: SQL Injection could be done changing cookies content if the userID is not checked to be numeric only (Thanks to Rolan Benavent from Dulasoft SL) * Security: SQL Injection could be done as result of an incorrect checking order in sanitize function. Files: c27f038a2b56090d60270eecca6e64ee 568 web optional mydms_1.4.4+1-5.dsc 7215c90bbd5b21d90fbe8b6363b6831d 15325 web optional mydms_1.4.4+1-5.diff.gz ac9bfe85edd1f6c3c50ea9da9a307d3e 131666 web optional mydms_1.4.4+1-5_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFF8mhNNTNQylgICMQRAtyqAKCSQpyQUx3d/fRAvxwIsCp3m8ygvgCfZpuj uz9tPqW9fIkUr+j3wlbuc34= =RUTx -----END PGP SIGNATURE----- Accepted: mydms_1.4.4+1-5.diff.gz to pool/main/m/mydms/mydms_1.4.4+1-5.diff.gz mydms_1.4.4+1-5.dsc to pool/main/m/mydms/mydms_1.4.4+1-5.dsc mydms_1.4.4+1-5_all.deb to pool/main/m/mydms/mydms_1.4.4+1-5_all.deb
