-
Committer:
Package Import Robot
-
Author(s):
Jamie Strandboge
-
Date:
2013-06-17 14:56:56 UTC
-
Revision ID:
package-import@ubuntu.com-20130617145656-vodjz6dpgduikobg
Tags: 1.4.8-0ubuntu2.2
* SECURITY UPDATE: fix unchecked input in XML responses
- debian/patches/CVE-2013-2161.patch: use saxutils.quoteattr() on account
name
- CVE-2013-2161
- LP: #1183884
* SECURITY UPDATE: optionally allow using secure json serialization instead
of pickle.
- debian/patches/CVE-2012-4406.patch: add memcache_serialization_support
option and update man pages
- debian/patches/memcache_serialization_support-default-to-zero.patch:
default to insecure pickle configuration for people upgrading.
Interested users can adjust this as desired
- CVE-2012-4406
- LP: #1006414