-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 05 Sep 2018 14:59:53 +0200 Source: dojo Binary: libjs-dojo-core libjs-dojo-dijit libjs-dojo-dojox shrinksafe Architecture: source Version: 1.14.1+dfsg1-1 Distribution: unstable Urgency: medium Maintainer: Debian Javascript Maintainers <pkg-javascript-devel@lists.alioth.debian.org> Changed-By: Bastien Roucariès <rouca@debian.org> Description: libjs-dojo-core - modular JavaScript toolkit libjs-dojo-dijit - modular JavaScript toolkit - Dijit libjs-dojo-dojox - modular JavaScript toolkit - DojoX shrinksafe - JavaScript compression system Closes: 906540 Changes: dojo (1.14.1+dfsg1-1) unstable; urgency=medium . * New upstream version. * Fix CVE-2018-15494 (Closes: #906540): In Dojo Toolkit before 1.14, there is unescaped string injection in dojox/Grid/DataGrid. Checksums-Sha1: 6ae4944de327ffa498050f81704fefcbfb0b5497 2379 dojo_1.14.1+dfsg1-1.dsc 2590f4e114ea934d3e2e8f24cfb331552d552710 33909294 dojo_1.14.1+dfsg1.orig.tar.gz 954a12fbd895fb764742d21dbdb82340bada7b86 14792 dojo_1.14.1+dfsg1-1.debian.tar.xz a5d61dbdd90f8ce05582f27105f69605576df953 6068 dojo_1.14.1+dfsg1-1_source.buildinfo Checksums-Sha256: b96bd4c3319ae88cba0aaf64ff60577f5d363b36ea2e9facdc975d3660b1fb50 2379 dojo_1.14.1+dfsg1-1.dsc dcc8f8dc252e600a4b404bf339a3f05cecad6ea96c93e3a1587252a1e6e1d83a 33909294 dojo_1.14.1+dfsg1.orig.tar.gz 0c5d9f7b48c1fd9f57292bf8bd6b175672a836bdf5c89291e5ed598b62f72148 14792 dojo_1.14.1+dfsg1-1.debian.tar.xz cd923f9b4bdfcb05b196b7dc90cb7a1c7ed63c89c1456cb007ca818bd7bf6a38 6068 dojo_1.14.1+dfsg1-1_source.buildinfo Files: 8a3e54d708a36fc99afa37fb658734f2 2379 javascript optional dojo_1.14.1+dfsg1-1.dsc cb7749ba3f71f14e43ca99ae0b853e72 33909294 javascript optional dojo_1.14.1+dfsg1.orig.tar.gz 696f1c7674033b4f9d136360d9e9f966 14792 javascript optional dojo_1.14.1+dfsg1-1.debian.tar.xz 621d81e34b1fef0f2e038c1f5ea18174 6068 javascript optional dojo_1.14.1+dfsg1-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAluP1FIACgkQADoaLapB CF9RGxAAi0SAlIfFJsewwpknk3qUstMdX6LP6rqiFlvpcaF8VLTa/tkDPmk2Jslw RSfCFfk6e57g3CkkcQ9EeToK4id+t+uL6DgLqqivEFR/xIFa0GiV/gYs9OZ79ava BzI67w/LaXXgqMjpKh3E5Xo/RXKAdxiCK9a6YFo9X6n+F8JM0ieEvK0QhCSzBqPC xZHN7204iF8bUBPWoWqbQNbBOWjI7fG0JarLLvDygRWzjZGTqPGDCMI/HclbMUZi nqyzCNj1lED4Jta4qmkyGyN2/20xwLu5tPha2thvjVvHbWjxGmwj9hWNEKo/YfNL Uy0YoULZrXdJr7349Bd5qRBqzD9yZG5JqbbbIUxROi9+z1sU1AZnUYPIZHc/7I5P 5NvJ/xaaSU5vCzNzXeWA+F8QiK5Yz7Yz+Q0k2D9nYG9e6yaDa0kIaGz4s5jHcvFo 9cybV6GDeXwB7YQ/8mWBHhZATmhBMphW7a6bGTUVTETUY0WclTS2vHkcDzdUX/7C Fv7xGTt0IUeTAqOiBLm7g950NaVrnZpPqZRrh4ybqLd/JM1qKVT1Wysf2Xg2c4hj yMZM8Gx2mqU/0UD65fwenrXei9Fz47uFp/fXCG/6V1FgYWP8gWgi8ohQ+ayLVxJG +wKx9AukQVlfO7DKBNjFu8Bo1Jfe4iMliOchTt6WTJyr4/OgJDU= =ejz6 -----END PGP SIGNATURE-----