Hi all ! Le vendredi 7 janvier 2011 07:20:43, Julien Cristau a écrit : > > Version 2.1.6 released Monday correct various security issues [1]. > > According to the changelog [2], these should be addressed by r16879 [3], > > r16880 [4] and r16884 [5]. > > Can be fixed post release if necessary, not a blocker. If you do > upload a fix to unstable, please use high urgency and let the release > team know.
I agree with Julien. This is not a public vulnerability but one that affects registered authors. I would also like to document here that it is possible to install a temporary workaround provided by the SPIP team and called "écran de sécurité": http://www.spip.net/article4200.html This can be used while waiting for an updated package. Finally, I am very busy these days. I am not sure that I will have much time to prepare and test a new version soon. However, I would be more than happy to welcome any interested contributor/maintainer. Romain -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
