-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 14 Jan 2018 17:12:42 +0100 Source: libkohana2-php Binary: libkohana2-php libkohana2-modules-php Architecture: source all Version: 2.3.4-2+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: Sven Velt <sven@velt.de> Changed-By: Markus Koschany <apo@debian.org> Description: libkohana2-modules-php - lightweight PHP5 MVC framework (extension modules) libkohana2-php - lightweight PHP5 MVC framework Changes: libkohana2-php (2.3.4-2+deb7u1) wheezy-security; urgency=high . * Non-maintainer upload by the LTS team. * Fix CVE-2016-10510: Cross-site scripting (XSS) vulnerability in the Security component of Kohana allows remote attackers to inject arbitrary web script or HTML by bypassing the strip_image_tags protection mechanism in system/classes/Kohana/Security.php. This issue was resolved by permanently removing the strip_image_tags function. Users are advised to sanitize user input by using external libraries. See also https://github.com/kohana/kohana/issues/107 Checksums-Sha1: 4d066fd5b515e47122a4c1c3666b7b8b68857456 2160 libkohana2-php_2.3.4-2+deb7u1.dsc 37d0f69eff43b0b2926e254c51f043ad629c1d7c 566476 libkohana2-php_2.3.4.orig.tar.gz 85d45a0c3a743268617c1ff5f9f754a55e965c1c 7425 libkohana2-php_2.3.4-2+deb7u1.debian.tar.gz f77e4b76f6950c39bd28bb764a9219989dc274b1 295708 libkohana2-php_2.3.4-2+deb7u1_all.deb 59956011f339a009f8ef62c444ab1c66db34c396 80156 libkohana2-modules-php_2.3.4-2+deb7u1_all.deb Checksums-Sha256: 60b16b8a8e2a8494c0d3c5798548532726281c06c3b87c365b1b71c6fd823f57 2160 libkohana2-php_2.3.4-2+deb7u1.dsc 3244187b35fcdd2c65b8cc494c6c97feae1aa5b11a981f9ea22f6c528af7b996 566476 libkohana2-php_2.3.4.orig.tar.gz f04b7502a8427370479bed98c71ed603897dadf0b5365b6eebd5424a0dff6ec4 7425 libkohana2-php_2.3.4-2+deb7u1.debian.tar.gz 453c0817483fca9bf7cdd494c0184ca3bc220d9df357b132840525c64d7576f7 295708 libkohana2-php_2.3.4-2+deb7u1_all.deb 75a9a0092c3bbb8020b4abcf9ac31ce90e821bda767f97b94f77dc13679f656d 80156 libkohana2-modules-php_2.3.4-2+deb7u1_all.deb Files: 6279cc69282706a007eebcf3f8bcdab7 2160 php optional libkohana2-php_2.3.4-2+deb7u1.dsc 778ee7d16e4a9a97de860547adbb6a1e 566476 php optional libkohana2-php_2.3.4.orig.tar.gz 19040aa95d530a5756e7352f817f9b26 7425 php optional libkohana2-php_2.3.4-2+deb7u1.debian.tar.gz 730ad35a3f080cf16f9bc0454fb50d91 295708 php optional libkohana2-php_2.3.4-2+deb7u1_all.deb f8cf67a272de5dcf8d47df7a4c3f9a88 80156 php optional libkohana2-modules-php_2.3.4-2+deb7u1_all.deb -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlpbgxNfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HkxSYQAJVSdd3VHxlrZtYaEW/xZUA8HskDR6mRVjLw 1KsasBljwHDJRrLgUShxPQSoTrFAlCcCPWCtBhgW71kavyx+vdwGnD2Wngzstf2i 8cM7BGRf6LceyiVBIAFxiqPUqch2Rv0f4cOEo7e85tmM8Dz2J29Un9a/unoa2z1C GH0nePGMAsxDBVhpALXIQcxl2Eyo1vvkxD2NL2Z1nZ52VEXiyVJWc5+xYC7gLiaa l+U+Lke8IT7ssF/rnObbJXM0WU/on9+aD03OLKkGmoksMAyB70Fyc2+NVwzNzMZ8 1CXcfmzMf3ukwj8umMOZKb5jkWTmbTF9iuxIIqzAWgvTZjvsOcSB+Ewri9kS2s6X iNYwuhCy+DfNdIdxveDUlkHKtjNNwZJGTXiOcY5whqZbrZ2Cs1OHvy5FoVV29psn NQ2hrLwaAsaWkZP1NlvDiX505tNPXYCm3jKJZHyYbJWqeTnXhhtlH91fywe++Rdb nA69nBaYEkWW9Z9r/NjHTMl8HTpbj/WXMMnwl5j+HS5SPSdCPUrql1nT8G8mZj5L OqHByTlMktc4qm3DzJEKDMUcXri+Lyblnx9OkEVMnU2TaIpY6jZXFucdx/ttxVwf WEJDjkr2qgEerNniWIkrtDg7JcyypGVBbzZReJVHSYPYJX9uA7urqdwQxAwCAFA/ ZROCUXc4 =OBOS -----END PGP SIGNATURE-----
