Your message dated Wed, 25 May 2011 22:47:35 +0000
with message-id <e1qpmrx-00059a...@franck.debian.org>
and subject line Bug#627936: fixed in movabletype-opensource 4.3.6+dfsg-1
has caused the Debian Bug report #627936,
regarding movabletype-opensource: Unspecified security vulnerabilities fixed in
4.36
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
627936: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=627936
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: movabletype-opensource
Version: 4.3.5+dfsg-3
Severity: grave
Tags: security
Justification: user security hole
As reported in
<http://www.movabletype.org/2011/05/movable_type_51_and_505_436_security_update.html>
Quote:
"A remote attacker could execute arbitrary code in a logged-in users' web
browser. A remote attacker could read or modify the contents in the system
under certain circumstances."
--- End Message ---
--- Begin Message ---
Source: movabletype-opensource
Source-Version: 4.3.6+dfsg-1
We believe that the bug you reported is fixed in the latest version of
movabletype-opensource, which is due to be installed in the Debian FTP archive:
movabletype-opensource_4.3.6+dfsg-1.debian.tar.gz
to
main/m/movabletype-opensource/movabletype-opensource_4.3.6+dfsg-1.debian.tar.gz
movabletype-opensource_4.3.6+dfsg-1.dsc
to main/m/movabletype-opensource/movabletype-opensource_4.3.6+dfsg-1.dsc
movabletype-opensource_4.3.6+dfsg-1_all.deb
to main/m/movabletype-opensource/movabletype-opensource_4.3.6+dfsg-1_all.deb
movabletype-opensource_4.3.6+dfsg.orig.tar.gz
to main/m/movabletype-opensource/movabletype-opensource_4.3.6+dfsg.orig.tar.gz
movabletype-plugin-core_4.3.6+dfsg-1_all.deb
to main/m/movabletype-opensource/movabletype-plugin-core_4.3.6+dfsg-1_all.deb
movabletype-plugin-zemanta_4.3.6+dfsg-1_all.deb
to
main/m/movabletype-opensource/movabletype-plugin-zemanta_4.3.6+dfsg-1_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 627...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Dominic Hargreaves <d...@earth.li> (supplier of updated movabletype-opensource
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Wed, 25 May 2011 23:34:08 +0100
Source: movabletype-opensource
Binary: movabletype-opensource movabletype-plugin-core
movabletype-plugin-zemanta
Architecture: source all
Version: 4.3.6+dfsg-1
Distribution: unstable
Urgency: high
Maintainer: Dominic Hargreaves <d...@earth.li>
Changed-By: Dominic Hargreaves <d...@earth.li>
Description:
movabletype-opensource - A well-known blogging engine
movabletype-plugin-core - Core Movable Type plugins
movabletype-plugin-zemanta - Zemanta Movable Type plugin
Closes: 627936
Changes:
movabletype-opensource (4.3.6+dfsg-1) unstable; urgency=high
.
* New upstream release
- fixes unspecified security vulnerabilities (closes: #627936)
* Update versioned dependency on libdata-objectdriver-perl to 0.08
following bundled version number
Checksums-Sha1:
3e015d6895169a3322da76bc9f3001ec268eb455 1275
movabletype-opensource_4.3.6+dfsg-1.dsc
d314bd18184f0d6a74ba09ad63166104ffab97af 4745389
movabletype-opensource_4.3.6+dfsg.orig.tar.gz
18cac0cda4f66e5b4692d7c3107b8641213b3904 28827
movabletype-opensource_4.3.6+dfsg-1.debian.tar.gz
cd404832a5976963fb5a03ac0f720afc1487f444 2897238
movabletype-opensource_4.3.6+dfsg-1_all.deb
6a61cf0bd181f0dbd4cd099a7feb9eda52c90817 170312
movabletype-plugin-core_4.3.6+dfsg-1_all.deb
e1ff2ad7634ad01c4d2c568e62893e63adb75e7c 14686
movabletype-plugin-zemanta_4.3.6+dfsg-1_all.deb
Checksums-Sha256:
1db163508eeb08d9f34b68199a783e616fdec178c993b324ceca2aefdd3385ac 1275
movabletype-opensource_4.3.6+dfsg-1.dsc
4b223db22b97b87ee737f8aa17cbd4fabc8fed73701d5a4557e14dec160edd4e 4745389
movabletype-opensource_4.3.6+dfsg.orig.tar.gz
1cdcc51faa018ba3752bd1e3f1312eded5d2ea92144a71a4846c6ef2b9daec52 28827
movabletype-opensource_4.3.6+dfsg-1.debian.tar.gz
8dd86d539042ca67b5c58c8f2b8a3f66f530e5cd1ba0e70f3a76adf27f4ace7c 2897238
movabletype-opensource_4.3.6+dfsg-1_all.deb
f80f832693ea30ea92f56687190ba779240a2881c570fb552fa55e9310c6e848 170312
movabletype-plugin-core_4.3.6+dfsg-1_all.deb
e797d0a0bd777d49c83d1d1793948406f71271b0e7f6c7c119ec6129bdbdb32d 14686
movabletype-plugin-zemanta_4.3.6+dfsg-1_all.deb
Files:
fcbb4450122c5a62ca7dbd7bfe04cfc8 1275 web optional
movabletype-opensource_4.3.6+dfsg-1.dsc
443932fe2ac06285cce4c38fd1dca8c0 4745389 web optional
movabletype-opensource_4.3.6+dfsg.orig.tar.gz
71ab291e6b02140ce88ae0f3c7a42ca5 28827 web optional
movabletype-opensource_4.3.6+dfsg-1.debian.tar.gz
03c3ba303e090d031ce3a8e144077eba 2897238 web optional
movabletype-opensource_4.3.6+dfsg-1_all.deb
0cf3c7ce962923f3423104c3f0011c2f 170312 web optional
movabletype-plugin-core_4.3.6+dfsg-1_all.deb
8df5017abfb58800e48f59ad904888b7 14686 web optional
movabletype-plugin-zemanta_4.3.6+dfsg-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFN3YRKYzuFKFF44qURAq0NAJ40yM+3mtZ1XRfmoi5OU+nMK9xCugCg8dkQ
VAYYBboDf5yp30K7tbf3Dwc=
=Qbs0
-----END PGP SIGNATURE-----
--- End Message ---
