-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Sun, 26 Nov 2006 11:00:57 +0000 Source: sql-ledger Binary: sql-ledger Architecture: source all Version: 2.4.7-2sarge1 Distribution: stable-security Urgency: high Maintainer: Finn-Arne Johansen <faj@bzz.no> Changed-By: Raphael Hertzog <hertzog@debian.org> Description: sql-ledger - A web based double-entry accounting program Closes: 386519 Changes: sql-ledger (2.4.7-2sarge1) stable-security; urgency=high . * Security upload. * Fix bad handling of sessionid: CVE-2006-4244 Closes: #386519 (backported from 2.6.18) * Fix directory traversal security issues (backported from 2.6.19) * Fix a remote execution vulnerability too (backported from 2.6.21). Files: 0392c058e58df7deca105cddb2b40ca5 655 web optional sql-ledger_2.4.7-2sarge1.dsc 04c9ffe49045cad569c5a368d7ebaa76 1695610 web optional sql-ledger_2.4.7.orig.tar.gz 45d1d70cfa3c385bf74b38bcccbe584c 18423 web optional sql-ledger_2.4.7-2sarge1.diff.gz 9cd9a4cf9057efc57384fe952bf4751f 1796848 web optional sql-ledger_2.4.7-2sarge1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFFcxsbXm3vHE4uyloRAi14AJ98kBE8WyrwrNfWYZl1np0wIkwWhgCfefyT CWthQSOMHdc/BAaruRIhiA0= =+0Sh -----END PGP SIGNATURE----- Accepted: sql-ledger_2.4.7-2sarge1.diff.gz to pool/main/s/sql-ledger/sql-ledger_2.4.7-2sarge1.diff.gz sql-ledger_2.4.7-2sarge1.dsc to pool/main/s/sql-ledger/sql-ledger_2.4.7-2sarge1.dsc sql-ledger_2.4.7-2sarge1_all.deb to pool/main/s/sql-ledger/sql-ledger_2.4.7-2sarge1_all.deb
