-
Committer:
Bazaar Package Importer
-
Author(s):
Francois Marier
-
Date:
2010-07-08 17:02:43 UTC
-
Revision ID:
james.westby@ubuntu.com-20100708170243-glo9jt21pb6nysxt
Tags: 1.2.4-1ubuntu0.1
* SECURITY UPDATE: multiple cross-site scripting vulnerabilities
- debian/patches/CVE-2010-1667.patch: upstream patch
- CVE-2010-1667
* SECURITY UPDATE: multiple cross-site request forgery vulnerabilities
- debian/patches/CVE-2010-1668.patch: upstream patch
- CVE-2010-1668
* SECURITY UPDATE: SQL injection
- debian/patches/CVE-2010-1669.patch: upstream patch
- CVE-2010-1669
* SECURITY UPDATE: unsafe auth plugins configuration options
- debian/patches/CVE-2010-1670.patch: upstream patch
- CVE-2010-1670
* SECURITY UPDATE: IE-only cross-site scripting bug in HTML Purifier
- depend on php-htmlpurifier and stop using the bundled version
- CVE-2010-2479