Debian Package Tracker

From: Thijs Kinkhorst <thijs@debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted phpbb2 2.0.21-6 (source all)
Date: Sun, 14 Jan 2007 18:17:03 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sun, 14 Jan 2007 17:35:23 +0100
Source: phpbb2
Binary: phpbb2-languages phpbb2-conf-mysql phpbb2
Architecture: source all
Version: 2.0.21-6
Distribution: unstable
Urgency: high
Maintainer: Jeroen van Wolffelaar <jeroen@wolffelaar.nl>
Changed-By: Thijs Kinkhorst <thijs@debian.org>
Description: 
 phpbb2     - A fully featured and skinnable flat (non-threaded) webforum
 phpbb2-conf-mysql - Automatic configurator for phpbb2 on MySQL database
 phpbb2-languages - phpBB2 additional languages
Closes: 402140 402140 404160
Changes: 
 phpbb2 (2.0.21-6) unstable; urgency=high
 .
   * Selected patches from upstream 2.0.22 for security issues:
   * CVE-2006-6421: Cross-site scripting (XSS) vulnerability in the private
     message box implementation (Closes: #402140).
   * CVE-2006-6841: Cross Site Request Forgery was possible with some forms.
   * CVE-2006-6840: Prevent negative start parameter. Exploitability unknown,
     but flagged by upstream as a security fix and a harmless change.
   * CVE-2006-6839: Improve check for bad redirection targets, exploitability
     unkown, but flagged by upstream as a security fix and a harmless change.
     (Closes: #402140)
 .
   * Added German debconf translation by Matthias Julius (Closes: #404160).
Files: 
 b94900b3f585ed3320c60df4b3492ea6 759 web optional phpbb2_2.0.21-6.dsc
 349ba9624634152409ecc322763fab44 89517 web optional phpbb2_2.0.21-6.diff.gz
 3333c8da978798bd14a2bf31dfa0e66b 548038 web optional phpbb2_2.0.21-6_all.deb
 be19e3a1481354ad2f44abf426d57fe4 53854 web extra phpbb2-conf-mysql_2.0.21-6_all.deb
 0a0cecc1becd98d759ee9aba16446c9f 2726338 web optional phpbb2-languages_2.0.21-6_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFFql9VJdKMxZV9WM8RAkIpAJ0a1VER+VN9npy8aA40PBW+8pvGaQCfXAZ7
pf0SxZk33VqLOV8EgHbLdDA=
=EGMU
-----END PGP SIGNATURE-----


Accepted:
phpbb2-conf-mysql_2.0.21-6_all.deb
  to pool/main/p/phpbb2/phpbb2-conf-mysql_2.0.21-6_all.deb
phpbb2-languages_2.0.21-6_all.deb
  to pool/main/p/phpbb2/phpbb2-languages_2.0.21-6_all.deb
phpbb2_2.0.21-6.diff.gz
  to pool/main/p/phpbb2/phpbb2_2.0.21-6.diff.gz
phpbb2_2.0.21-6.dsc
  to pool/main/p/phpbb2/phpbb2_2.0.21-6.dsc
phpbb2_2.0.21-6_all.deb
  to pool/main/p/phpbb2/phpbb2_2.0.21-6_all.deb
News for package phpbb2
