Hi, I will 0-day NMU this issue to fix the previous upload by Steffen. Attached is a fix for the issue.
It will be also archived on: http://people.debian.org/~nion/nmu-diff/websvn-1.61-22.2_1.61-22.3.patch Kind regards Nico -- Nico Golde - http://ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
diff -u websvn-1.61/debian/changelog websvn-1.61/debian/changelog
--- websvn-1.61/debian/changelog
+++ websvn-1.61/debian/changelog
@@ -1,3 +1,11 @@
+websvn (1.61-22.3) unstable; urgency=high
+
+ * Non-maintainer upload by testing security team.
+ * Altered CVE-2007-3056.diff from previous NMU to fix
+ usage of functions from future upstream release (Closes: #442137).
+
+ -- Nico Golde <[EMAIL PROTECTED]> Sat, 22 Sep 2007 08:57:34 +0200
+
websvn (1.61-22.2) unstable; urgency=high
* Non-maintainer upload by the testing-security team
diff -u websvn-1.61/debian/patches/CVE-2007-3056.diff websvn-1.61/debian/patches/CVE-2007-3056.diff
--- websvn-1.61/debian/patches/CVE-2007-3056.diff
+++ websvn-1.61/debian/patches/CVE-2007-3056.diff
@@ -1,4 +1,6 @@
---- filedetails.php.orig 2007-09-03 13:44:37.000000000 +0000
+Index: websvn-1.61/filedetails.php
+===================================================================
+--- websvn-1.61.orig/filedetails.php 2007-09-03 13:44:37.000000000 +0000
+++ websvn-1.61/filedetails.php 2007-09-03 13:45:29.000000000 +0000
@@ -127,9 +127,9 @@
$vars["goyoungestlink"] = "";
@@ -7,7 +9,7 @@
-$vars["repname"] = $rep->name;
-$vars["rev"] = $rev;
-$vars["path"] = $ppath;
-+$vars["repname"] = htmlentities($rep->getDisplayName(), ENT_QUOTES, 'UTF-8');
++$vars["repname"] = htmlentities($rep->name, ENT_QUOTES, 'UTF-8');
+$vars["rev"] = htmlentities($rev, ENT_QUOTES, 'UTF-8');
+$vars["path"] = htmlentities($ppath, ENT_QUOTES, 'UTF-8');
pgpIo20ULJSS0.pgp
Description: PGP signature
