Bug#644290: marked as done (phppgadmin multiple XSS (CVE-2011-3598))

[Debian Bug Tracking System]

Your message dated Wed, 05 Oct 2011 20:54:22 +0000
with message-id <e1rbytu-0001qo...@franck.debian.org>
and subject line Bug#644290: fixed in phppgadmin 5.0.3-1
has caused the Debian Bug report #644290,
regarding phppgadmin multiple XSS (CVE-2011-3598)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
644290: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=644290
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: phppgadmin
Severity: critical
Tags: security

Hi,

Multiple XSS vulnerabilities have been reported in phpPgAdmin:
https://secunia.com/advisories/46248/

Please ensure that unstable is fixed on short notice and give the upload
an elevated urgency tag.

Can you also assess whether (old)stable are affected, and if so, provide
packages? If not (affected or able), do let us know aswell.

In any case, please mention CVE-2011-3598 in your changelogs.


thanks,
Thijs

--- End Message ---

--- Begin Message ---

Source: phppgadmin
Source-Version: 5.0.3-1

We believe that the bug you reported is fixed in the latest version of
phppgadmin, which is due to be installed in the Debian FTP archive:

phppgadmin_5.0.3-1.debian.tar.gz
  to main/p/phppgadmin/phppgadmin_5.0.3-1.debian.tar.gz
phppgadmin_5.0.3-1.dsc
  to main/p/phppgadmin/phppgadmin_5.0.3-1.dsc
phppgadmin_5.0.3-1_all.deb
  to main/p/phppgadmin/phppgadmin_5.0.3-1_all.deb
phppgadmin_5.0.3.orig.tar.gz
  to main/p/phppgadmin/phppgadmin_5.0.3.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 644...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Christoph Berg <m...@debian.org> (supplier of updated phppgadmin package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 05 Oct 2011 21:47:32 +0200
Source: phppgadmin
Binary: phppgadmin
Architecture: source all
Version: 5.0.3-1
Distribution: unstable
Urgency: low
Maintainer: Isaac Clerencia <is...@debian.org>
Changed-By: Christoph Berg <m...@debian.org>
Description: 
 phppgadmin - web-based administration tool for PostgreSQL
Closes: 644290
Changes: 
 phppgadmin (5.0.3-1) unstable; urgency=low
 .
   * New upstream release, fixes XSS vulnerabilities.
     Closes: #644290, CVE-2011-3598.
Checksums-Sha1: 
 fe2527743edf131853e253a197813f734c0ed41f 1949 phppgadmin_5.0.3-1.dsc
 dcf3f3a580fce7e2ed8d57a6559a23b8b7c20417 1056396 phppgadmin_5.0.3.orig.tar.gz
 54a7a745842386650ae5a57735191e5320814a8f 10889 phppgadmin_5.0.3-1.debian.tar.gz
 4dc6a1c3bd15e97fbf53df5fff855c3c656c6479 1018752 phppgadmin_5.0.3-1_all.deb
Checksums-Sha256: 
 880e7e8b6a4a394aec9977109ea1490d6e170284fb86565ff9d76137072a5cce 1949 
phppgadmin_5.0.3-1.dsc
 5cb6fc8b6bcf109d6919f99d875e4407f7b78fdcc3a1d92d9e76c99ed281a166 1056396 
phppgadmin_5.0.3.orig.tar.gz
 8f1a725f0df4140a4e23389b0c7700be4b29ad0c26bd64663bc7a3ceea12c7ad 10889 
phppgadmin_5.0.3-1.debian.tar.gz
 114ea51c0d518b6857638c5bce1c7366367b2179abfac807b8670f54decb9226 1018752 
phppgadmin_5.0.3-1_all.deb
Files: 
 28513af558a8d4860c4682ce2cc2a3ac 1949 web extra phppgadmin_5.0.3-1.dsc
 885e18d4fc02805e479034c1e6c23c41 1056396 web extra phppgadmin_5.0.3.orig.tar.gz
 475ecf4b10b9a4a790511caaf143b444 10889 web extra 
phppgadmin_5.0.3-1.debian.tar.gz
 64df941fb7d39706528a6c1bbca781d5 1018752 web extra phppgadmin_5.0.3-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBCAAGBQJOjLfcAAoJEExaa6sS0qeuiHcP/RKtvTpEmjaRIH2vwBNZKBel
cMZ1iNKfpdrDzUuw/WotPxdEWNppQuOr4oxsZ6qFYx+YXjW6gzCQOT2mGo7pasp1
YQa4W/nPUbt0QFoxMR3Yhe+l7qeq84MI0v9Zfo+QSRV5Mc4UvCdtNmjG6+fzgk9F
o1ey7/3NhE6CrdQDsyXdi22VN+4E4xOmeVYtwjaI+ND9uDKfX7t4BIKJ+WlypGY5
OeFpWSTs7DvPkvf0O+yBk9bpQLoYa62zh6Ulu467nH7C8IFf4HfhuFD/hponKYAj
bGaS2KA51UkiNeMJYbhOS+aYAw9+gLHy1xUQpu/q4xWAWVVtvd+KY39rB3MLSbJy
LzIibN4P7M2Sv+qVXRS4wqBKe/sZnWG8aBdi6+7FBkkxfV2A4ZRoTxN8SFCVHE4j
aC7vFJDxoLybNoz9MF6X8XBk7++I/VQdMFnFarrmg9pJxeF630OzEq96xDMbzRdb
TmTbopL2IWVc0hI5tMGW15Iw98BSWo0TL7t78pLdO4WZyKtwftIZOJVaP/cbNe6d
rNyXULNYre8tfIQ2EBr5lpBQKxdJCww9Zy9iFcVaalWm+67e0E8UhdN8JZMNfB5s
3tCzbJt08VT5xKxQSqHvRDRtNp4HVrSR7pqVuGBeNJUwc+yAFPESEeLosRPjLBac
6AMGqij/8LX2QmZuZKWu
=kM1P
-----END PGP SIGNATURE-----

--- End Message ---