Package: spip Version: 2.1.1-2 Severity: grave
A security release of SPIP has just been announced: http://www.spip-contrib.net/SPIP-2-1-8-corrige-une-importante-faille-de-securite (french) Not much information is available about the exact issue and the changelog is not helpful either. I have not time at the moment to prepare a fixed package. Any contributor is warmly welcome to NMU the package with no delay. In the mean time, users can download and install a security fix called security screen from there: http://zone.spip.org/trac/spip-zone/browser/_core_/securite/ecran_securite.php?format=txt and documented there: http://www.spip.net/en_article4200.html Romain -- System Information: Debian Release: 6.0 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-4-amd64 (SMP w/2 CPU cores) Locale: LANG=fr_FR.UTF8, LC_CTYPE=fr_FR.UTF8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages spip depends on: pn apache2 | httpd <none> (no description available) ii debconf [debconf-2.0] 1.5.37 Debian configuration management sy ii libjs-jquery 1.4.2-2 JavaScript library for dynamic web ii php-html-safe 0.10.0-1 strip down all potentially dangero ii php5 5.3.3-7 server-side, HTML-embedded scripti ii php5-mysql 5.3.3-7 MySQL module for php5 Versions of packages spip recommends: ii imagemagick 8:6.6.0.4-3 image manipulation programs ii mysql-server 5.1.49-3 MySQL database server (metapackage ii mysql-server-5.1 [mysql-s 5.1.49-3 MySQL database server binaries and ii netpbm 2:10.0-12.2+b1 Graphics conversion tools between spip suggests no packages. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
