Debian Package Tracker

From: Thijs Kinkhorst <thijs@debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted phpgedview 4.0.2.dfsg-4 (source all)
Date: Tue, 27 May 2008 07:52:27 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 20 May 2008 13:17:21 +0200
Source: phpgedview
Binary: phpgedview-places phpgedview-languages phpgedview phpgedview-themes
Architecture: source all
Version: 4.0.2.dfsg-4
Distribution: stable-security
Urgency: high
Maintainer: Thijs Kinkhorst <thijs@debian.org>
Changed-By: Thijs Kinkhorst <thijs@debian.org>
Description: 
 phpgedview - Web-based genealogy viewer and editor
 phpgedview-languages - Language modules for PhpGedView
 phpgedview-places - Place names and maps for PhpGedView
 phpgedview-themes - PhpGedView themes
Changes: 
 phpgedview (4.0.2.dfsg-4) stable-security; urgency=high
 .
   * Upload to stable to fix security issue.
   * No longer install pgvnuke and postgedview.php. These have a fundamental
     design flaw that allowed for privilege escalation. This flaw can't be
     fixed without reworking a large part of the API, which is not acceptable
     to a security update. Since this is a peripheral part of the package, we
     decided to disable it in this update. Those needing the functionality
     are encouraged to use a backported version of phpgedview from lenny.
     [CVE-2008-2064]
Files: 
 8058483846a8b7e51301ed3fac097cdd 1053 web optional phpgedview_4.0.2.dfsg-4.dsc
 834f82b6f3a2512211e8e25dc99ebb44 8182 web optional phpgedview_4.0.2.dfsg-4.diff.gz
 6105005be43e22076a87b6590a899268 1207756 web optional phpgedview_4.0.2.dfsg-4_all.deb
 4e62354aa4950afee7ca71178f1a717f 877102 web optional phpgedview-themes_4.0.2.dfsg-4_all.deb
 3a7155e548c4f5e2ddcc43747d804ed0 2271768 web optional phpgedview-places_4.0.2.dfsg-4_all.deb
 0c8d7b39855b30c6880aa8115bc1452e 1821820 web optional phpgedview-languages_4.0.2.dfsg-4_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iQEVAwUBSDK1Tmz0hbPcukPfAQKwrQgAl6T524GXtbvCXteWKhIw7wxRJs5yK6zV
CJ6FMYqjPA9Bi0sGS+3JWJm6v6V83t6dVX/DlMtvgQ3Cs0vuEl/Q/R7/GTw7iUUY
Q2j7yHGkaraUuKONttLRuluckzQG36+ntQICFQrBD4FAF6aKDEJK8AeiCkNckQh/
sFrW88pndUe78sxRfnPzbBtQBQoaLEULFnXEG+IhxRFrZP3MZYXo9Ywjn0D9CZnA
/2COEsvuDNhnkVEpPGz0BBZZr2zysQ78w+cHFbpNYSAxwkjOIQXO33REx35TIyUW
x+5yYoCisE/v+D2CmkJSED8PqFNAMo+1S/8Tbs5+izoKO75ziRS4OQ==
=6K3Y
-----END PGP SIGNATURE-----


Accepted:
phpgedview-languages_4.0.2.dfsg-4_all.deb
  to pool/main/p/phpgedview/phpgedview-languages_4.0.2.dfsg-4_all.deb
phpgedview-places_4.0.2.dfsg-4_all.deb
  to pool/main/p/phpgedview/phpgedview-places_4.0.2.dfsg-4_all.deb
phpgedview-themes_4.0.2.dfsg-4_all.deb
  to pool/main/p/phpgedview/phpgedview-themes_4.0.2.dfsg-4_all.deb
phpgedview_4.0.2.dfsg-4.diff.gz
  to pool/main/p/phpgedview/phpgedview_4.0.2.dfsg-4.diff.gz
phpgedview_4.0.2.dfsg-4.dsc
  to pool/main/p/phpgedview/phpgedview_4.0.2.dfsg-4.dsc
phpgedview_4.0.2.dfsg-4_all.deb
  to pool/main/p/phpgedview/phpgedview_4.0.2.dfsg-4_all.deb
News for package phpgedview
