Accepted phpbb2 2.0.21-6 (source)
Ubuntu Installer
archive at ubuntu.com
Mon Jan 22 15:32:00 GMT 2007
Accepted:
OK: phpbb2_2.0.21-6.diff.gz
OK: phpbb2_2.0.21-6.dsc
-> Component: universe Section: web
Origin: Debian/unstable
Format: 1.7
Date: Mon, 22 Jan 2007 10:43:07 +0000
Source: phpbb2
Binary: phpbb2, phpbb2-conf-mysql, phpbb2-languages
Architecture: source
Version: 2.0.21-6
Distribution: feisty
Urgency: high
Maintainer: Jeroen van Wolffelaar <jeroen at wolffelaar.nl>
Changed-By: Michael Bienia <michael at vorlon.ping.de>
Description:
phpbb2 - A fully featured and skinnable flat (non-threaded) webforum
Closes: 402140 402140 404160
Changes:
phpbb2 (2.0.21-6) unstable; urgency=high
.
* Selected patches from upstream 2.0.22 for security issues:
* CVE-2006-6421: Cross-site scripting (XSS) vulnerability in the private
message box implementation (Closes: #402140).
* CVE-2006-6841: Cross Site Request Forgery was possible with some forms.
* CVE-2006-6840: Prevent negative start parameter. Exploitability unknown,
but flagged by upstream as a security fix and a harmless change.
* CVE-2006-6839: Improve check for bad redirection targets, exploitability
unkown, but flagged by upstream as a security fix and a harmless change.
(Closes: #402140)
.
* Added German debconf translation by Matthias Julius (Closes: #404160).
Files:
349ba9624634152409ecc322763fab44 89517 web optional phpbb2_2.0.21-6.diff.gz
b94900b3f585ed3320c60df4b3492ea6 759 web optional phpbb2_2.0.21-6.dsc
More information about the feisty-changes
mailing list