-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 24 Dec 2016 15:23:00 +0100 Source: spip Binary: spip Architecture: source all Version: 2.1.17-1+deb7u8 Distribution: wheezy-security Urgency: high Maintainer: SPIP packaging team <spip-maintainers@lists.alioth.debian.org> Changed-By: Jonas Meurer <mejo@debian.org> Description: spip - website engine for publishing Changes: spip (2.1.17-1+deb7u8) wheezy-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2016-9998: fix reflected cross-site scripting (XSS) vulnerability in /ecrire/exec/info_plugin.php involving the `$plugin` parameter. * CVE-2016-9997: fix reflected cross-site scripting (XSS) vulnerability in /ecrire/exec/puce_statut.php involving the `$id` parameter. Checksums-Sha1: 510965762be38cc185fca8db93c5750aef8743fa 1922 spip_2.1.17-1+deb7u8.dsc d710925dc22218566dd972d6e26983553bb16a42 72112 spip_2.1.17-1+deb7u8.debian.tar.gz d692f48c044f770984f1f04d38382187cecf181a 3858762 spip_2.1.17-1+deb7u8_all.deb Checksums-Sha256: bf8ac8239f6b50e06bad61da8d5b5f17b0241a7cf6beba6bb83b21f7d6184d2d 1922 spip_2.1.17-1+deb7u8.dsc c843d12f7cb6e6400e3b3e04ce8d23dfa8ed55e6dd608e8046a6f3e129aed4f5 72112 spip_2.1.17-1+deb7u8.debian.tar.gz 75e98e869935fd5f0b3689b6f96e161b5bd4bd6f459d366ac88cdf47ff76d7cd 3858762 spip_2.1.17-1+deb7u8_all.deb Files: 352d4fae414e5301e6cf0c53b39ef6ea 1922 web extra spip_2.1.17-1+deb7u8.dsc 3f3157120af7018a53dc24c877547f25 72112 web extra spip_2.1.17-1+deb7u8.debian.tar.gz e77e45bc7adacc5c48c3b9f811018828 3858762 web extra spip_2.1.17-1+deb7u8_all.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEELIzSg9Pv30M4kOeDUmLn/0kQSf4FAlhenDgACgkQUmLn/0kQ Sf4d4A/6Ag4Keg8FzTbDH+/82JdmvFPSkvAPXLfW24ypzku2NpTaAgiGOi9SLjxb hfsNohHmdNT+GUR+VbfDBXwa9hRCuD4xThfjnsb2Aw+5oC4+onKFhvuceBRmV5ie LiHMX4CeBvVNnu1YhrlTdbM9Km/d2bfLEGi6I/+SLewNJeRyBRVq92B/0pwRRTSf acGKg7jubmqcjQsYAyGbxjYvXKM8fURklROYvEWKmLDY0rXnS1B8Xq1gi4ZOFVDZ ryXvsUrsfKwsPBaieMqoukxZvGJrZYgkrlR121VyCN2mdQPsCTNGFHagZeFt/q8t qINKO9rtnAyURRsc3fP7GL2AyBI5Oqy3mriLv0TpHVUpG1cvbSbW99bOZ1z6s/a2 VW2+R3azKimMuGbb9+zWkhzkc+ohPqNBqbHFCrP3cZSmHA5rIwngQlv1EaLhb3Nf uuVAjmgWfvmXRhmqVXkAxWEAOdacMnCn4hwbaTY29KKhcbO1ayPMugzPOlqEJj0e A9bR/6Lqp/g1OKXpoL+bcxnqTSBzQe4EM9708a3JXuQni1aOduU6NVBHV21Ydne0 WxwWHoymoAqaBt7z/hk3+DFiu6G0aV1uObJZ0XB70iaGQikEG0M6J0V1k78Fn8pr kxi2yPLbfoFY1zh6f1vESw3PotSnJzeetoX7ONbbBtg7HNdEgKo= =T+X1 -----END PGP SIGNATURE-----