-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 23 Apr 2012 17:37:13 -0400 Source: spip Binary: spip Architecture: source all Version: 2.1.1-3squeeze3 Distribution: stable-security Urgency: high Maintainer: SPIP packaging team <spip-maintainers@lists.alioth.debian.org> Changed-By: David Prévot <taffit@debian.org> Description: spip - website engine for publishing Closes: 670110 Changes: spip (2.1.1-3squeeze3) stable-security; urgency=high . * Non-maintainer upload by the Security Team. * Updated security screen. Prevent several cross site scripting. * Backport patches from 2.1.7: - fix absolute redirection in actions; - fix PHP injection via lang form. * Backport patch from 2.1.8: - fix XSS on action=converser. * Backport patches from 2.1.11: - fix configuration available to writers; - fix XSS injection via prive/cfg.html; - fix blocked server with action=tester_taille call. * Backport patches from 2.1.13: - fix open redirect on logout; - fix arbitrary password change; - fix XSS on referer. Closes: #670110 Checksums-Sha1: 62f9c782d1e285bc3ebd53a16478e6275cf6a17f 1770 spip_2.1.1-3squeeze3.dsc 3498ba7c4040ad1d392bc95c2610f0d7b09f4aa2 21619 spip_2.1.1-3squeeze3.diff.gz fe617890373101b255882ecea8a557bad76883de 3863526 spip_2.1.1-3squeeze3_all.deb Checksums-Sha256: 286bbeceb79e00e355545bb46fd63efe8524ec290ae738bf00ebf4e4b01f4f1a 1770 spip_2.1.1-3squeeze3.dsc 9e0773737d1fe78b588f659e24c502d06c6984a6085a253fc1aad01820485f32 21619 spip_2.1.1-3squeeze3.diff.gz ae50f8cbea4e4d04f6ff71f0b673b03802da97a1b6426bf42db7e8e75f5f875f 3863526 spip_2.1.1-3squeeze3_all.deb Files: 36807e3f3c5faad193afd65ed1c461aa 1770 web extra spip_2.1.1-3squeeze3.dsc dfca8ccd58dfd8ab53b1b8e5c618d96d 21619 web extra spip_2.1.1-3squeeze3.diff.gz 16556e54704fa0488415cdecf4889faf 3863526 web extra spip_2.1.1-3squeeze3_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCAAGBQJPlc1cAAoJELgqIXr9/gnyHGIP/0bb9DuCqYSHhiEOQWWW/wyl C9GhQnHQjaOd38RvGziIoYy9Zd0HHwXsdbuEbbd3data+eBzshjGbhITi5SNuZ8w YbxBRL2Q39FSxSeFWWhejdIQCs9hABSkpJVUP/SFNtswwiF8mJMEdRN79uM13e4z k/EW1vcWMA1ctK8AzMFFF4vS/eKe/oWeTByI1Fshj3l1HHI6PqsFV1LgoXDKZb3r Zxj7Gd5opYxb66xS+Q3enWZeFRj5PIBWrKiSEVn9a01kHk1A3EK4aI5wquI7nlP8 hQgokXSpBo0kMC2NAEZJ9lNtbxohX0gQBeUZisrvyCI/d555ewU8yKWNIthEWZOm AdWJAf4oVjaN24QNHr9+skOAqkWdpZwUd7WJk6z376zPbFpCKLK1NbHGY3QL3NKV BLzl5cnoUApFaWslxJGI3TQon/VsGY0J8BTowmSxInEdisGvFBGsAFJJaahz2XXh aQZgHc+/VdHIiQy6+c+FuLDj6nS4EdsFs2Z949EaS8lFEnq/5Ra6n3AIxOjQsvHU uxHsgEYmGqyJ0DQP6s8O5bbU4uRFrgtNw348B+xiSgCc8KUZhUeuspTabKM3yWRs Nf+6+3tUwN62nSVX3FbPocIu4IgndYSNyzRpBKN2kbzd5bMyX9t8UwmjlIkm39+m oox4HlN2jE/M2TFilcbP =v5rV -----END PGP SIGNATURE----- Accepted: spip_2.1.1-3squeeze3.diff.gz to main/s/spip/spip_2.1.1-3squeeze3.diff.gz spip_2.1.1-3squeeze3.dsc to main/s/spip/spip_2.1.1-3squeeze3.dsc spip_2.1.1-3squeeze3_all.deb to main/s/spip/spip_2.1.1-3squeeze3_all.deb
