-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 13 Aug 2017 16:03:02 +0200 Source: extplorer Binary: extplorer Architecture: source all Version: 2.1.0b6+dfsg.3-4+deb7u5 Distribution: wheezy-security Urgency: high Maintainer: Thomas Goirand <zigo@debian.org> Changed-By: Thorsten Alteholz <debian@alteholz.de> Description: extplorer - web file explorer and manager using Ext JS Changes: extplorer (2.1.0b6+dfsg.3-4+deb7u5) wheezy-security; urgency=high . * Non-maintainer upload by the Wheezy LTS Team. * CVE-2017-12756 Fix command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to inject command via the userfile[0] parameter. Checksums-Sha1: 37ebea405a8ed1da2dfd2fe28964a4019b0766d1 2083 extplorer_2.1.0b6+dfsg.3-4+deb7u5.dsc be7ea3a1af9ab4949d5083d30b78dd53aab74952 333069 extplorer_2.1.0b6+dfsg.3.orig.tar.gz 8f3d4cff1dc5fe7de4449e37c8c219ccf63c1a2b 17014 extplorer_2.1.0b6+dfsg.3-4+deb7u5.debian.tar.gz ebac6a2300a6f635673d88ba1236aa68ef46ff0e 351162 extplorer_2.1.0b6+dfsg.3-4+deb7u5_all.deb Checksums-Sha256: ec63a49e1660ebe0d19939cdc4b095156cb64126d52cae0e20473f77d5db29fa 2083 extplorer_2.1.0b6+dfsg.3-4+deb7u5.dsc 466040f5755f9f27247b1bded0d764ed5b0ff6007d3de08413059d53341969fb 333069 extplorer_2.1.0b6+dfsg.3.orig.tar.gz 2e91d12c7f410de9e225b4d6333693b4626f7d58e1f1e0070bc4004c965124ac 17014 extplorer_2.1.0b6+dfsg.3-4+deb7u5.debian.tar.gz 2e944350126dcdd413d0d57a231583a586ef8c5d7bfcc4a0118f7c6cc5d1ea02 351162 extplorer_2.1.0b6+dfsg.3-4+deb7u5_all.deb Files: dd7bc809d63d487073cb8923ad2fb890 2083 web optional extplorer_2.1.0b6+dfsg.3-4+deb7u5.dsc 44d5dce06700b2c99499e57c0525106e 333069 web optional extplorer_2.1.0b6+dfsg.3.orig.tar.gz 18351b9fd3f0f80609822f7fcaf6f846 17014 web optional extplorer_2.1.0b6+dfsg.3-4+deb7u5.debian.tar.gz bbbfa3fe4c37b6e037cb5c5164723dc4 351162 web optional extplorer_2.1.0b6+dfsg.3-4+deb7u5_all.deb -----BEGIN PGP SIGNATURE----- iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAlmbGVdfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh bHRlaG9sei5kZQAKCRCW/KwNOHtYRya0EACBBqOGKqQXGIXwOB4EtZBtKoS8iE99 BYCVO1QUCUrHwK6YdPlUVTvlVIUPba4B13Wy48lvt0eqiAJz+xjeIpnuFOwx7Doy bQv4gYst4KMRkZFLh6D3ic1Tl/ELw2yABDeC2yrvRDRfzsIU3fq+la9D9DZZyV2q /f2MqTe4bKZpGwemccoeKOo+O0dB8kV/KkfefnAKGsACis2u6WTVphwan6OHzNtr 7pTo6dHIYYeAhb0efvti3C1sstaZu/A4QC7JUGQMNgkh89E3Qo502SRuUS/3WnUI LmBcBoCWGt7JzZnniLYWgmT5tzJ7GMmHofw4MKIxajMQmWQHYHNuLr9yKyw/09fY k2wHfE4fqDfXuNPjAyWlP6pKeRTVWWWtUkBqa3iogu+JdrgEIH07ZJWU5A7mz3gD eHsLWVnIA8J4cdW3AShKGXEcLcjT8i5iuW+9LjRRoO3I2hp7irnHDVQcleWPr2Io m+8O18tVReanxhZqGYT98KH2vstPbhoLkD6jvK9EuI+XnU90FdFLgglcDk42qBe9 ySGcBDHdHBCqzA5TJ1DMO2zXOgXZm7Hn/FhASv4gjN1PN3qdSkeZ0vsPRyqOghUP tRFPZ1ViOH5kvfFSARKgfBNBiI9as6Ufv5Az9XmfgihTtSpHQ56MPfdzyrKDhih/ lcvvQBpmTTkjMg== =m3R8 -----END PGP SIGNATURE-----