Your message dated Mon, 20 Oct 2014 16:35:50 +0000 with message-id <e1xgfvy-0002lb...@franck.debian.org> and subject line Bug#764885: fixed in php-htmlpurifier 4.6.0-1 has caused the Debian Bug report #764885, regarding Security flaws in the current Debian version to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 764885: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=764885 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: php-htmlpurifier Version: 4.4.0+dfsg1-1 Severity: serious Tags: security Hi, HTMLPurifier 4.6.0, published almost a year ago, “is a major security release, fixing numerous bad quadratic asymptotics in HTML Purifier's core algorithms.” according to upstream changelog. “Additionally, the secure URI munging algorithm has changed to do a proper HMAC.” You may wish to maintain this package inside the PHP PEAR Maintainers team and take advantage of the pkg-php-tools helper. Regards David -- System Information: Debian Release: jessie/sid APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (100, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.16-2-amd64 (SMP w/1 CPU core) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages php-htmlpurifier depends on: ii php5 5.6.0+dfsg-1 Versions of packages php-htmlpurifier recommends: ii php5-cli 5.6.0+dfsg-1+b1 php-htmlpurifier suggests no packages.
signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---Source: php-htmlpurifier Source-Version: 4.6.0-1 We believe that the bug you reported is fixed in the latest version of php-htmlpurifier, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 764...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. David Prévot <taf...@debian.org> (supplier of updated php-htmlpurifier package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 17 Oct 2014 18:09:34 -0400 Source: php-htmlpurifier Binary: php-htmlpurifier Architecture: source all Version: 4.6.0-1 Distribution: unstable Urgency: medium Maintainer: Debian PHP PEAR Maintainers <pkg-php-p...@lists.alioth.debian.org> Changed-By: David Prévot <taf...@debian.org> Description: php-htmlpurifier - ${phppear:summary} Closes: 764885 Changes: php-htmlpurifier (4.6.0-1) unstable; urgency=medium . * Team upload * New upstream release, fixes security flaws (Closes: #764885) * Restart packaging within the Debian PHP PEAR Maintainers team * Move symlink to directory * Use a default writable directory in /var/lib * Convert copyright to format 1.0 Checksums-Sha1: f9594559e27fdd427e82697191a5cbd15b8aad9c 2075 php-htmlpurifier_4.6.0-1.dsc 15d225f14d8110bdfb797421881d8ea2cf38c15d 239621 php-htmlpurifier_4.6.0.orig.tar.gz 48c137e49061c24f7175e6f663b8c41a7b15eae1 24620 php-htmlpurifier_4.6.0-1.debian.tar.xz 6ff96cd7927138823d408a81ec705a49c4f90911 247798 php-htmlpurifier_4.6.0-1_all.deb Checksums-Sha256: b8ded99a3aa7c286ec4c9f8e28a031462d8fc219f190c9dcf1be53f0b5163062 2075 php-htmlpurifier_4.6.0-1.dsc ef7322f6a9d417b24de528c7b1d84b2021c79cc40d05ce805abce5dd5dba1c95 239621 php-htmlpurifier_4.6.0.orig.tar.gz ff5d1b718d47e4dccd160195ed12d41dd919e39f2f5ba655b84e9ed42cec4d00 24620 php-htmlpurifier_4.6.0-1.debian.tar.xz 2ded9b40e3003e5eed9ae738c8908ff8b0409eb06dc7144076b9d83943dfe927 247798 php-htmlpurifier_4.6.0-1_all.deb Files: 3f452f5c0df1760cf14f970ec25c64ef 2075 php optional php-htmlpurifier_4.6.0-1.dsc ccf5abe41bd05532d71b97c8bd1160c9 239621 php optional php-htmlpurifier_4.6.0.orig.tar.gz 75a74653157a6094ec71dde48c3ab4a8 24620 php optional php-htmlpurifier_4.6.0-1.debian.tar.xz 2049a9a0a6aed6b3c9ef229a30e7f05a 247798 php optional php-htmlpurifier_4.6.0-1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJURSmbAAoJELgqIXr9/gnysTwP/RRPL8+hkPh0yp/Bys/E5iGd oIh+Dw8Yy7Bzdjzn9y+KBh1yCkeoHRHlT83fpdcJ6ACzgSXppN2E9+2QD7gBJQ70 bcMFK5P3IrLBJbFWi1SA4ifU+Oi7ocYuIzjmZfervWxtThWLwBKQKuMdJVJJO7Tj /4+e7u+QCbDa8xO3CDZnWyq9dxa9qhThUodPFw/FV5JGeykOZzAEbifrlOuO1R+N ve1EqW223MCxv1gJB4Nb2sO2s+vyLRu/YdkEgIZXgpKYKd8UZhfnysiTxHLWGQWG FSyFfZkZ2eo7iNh/sozb4Ce+ZgKTidb1TSz/tpKh6LVMj02pbTHcUA6Sh76zK7y7 3OBJTjIwRJBNAk2KDCD98A81HZerTIax2HjX0atSVfPYzAHKDinIkarfdduFfZou S2t1l5TaikZANa//VKf99lT5yPqYqYNwuYA2fr6fA4cq5Ij8AXFHaoaO3qrFaTgV BSPedkJdo5A9ANwP1DwsPMRUcizWj3+Qt21qLZYJeZ+IR9QlNIfx8lJD1zDnUYLD Kxvxl3oWt+a9YCat05xeVwjKipik0s0wj2lRem71U6IIyxgSB/bAxQGRNPlQIRFo qp3Z4IaFqxW9iPia46GoOYzpaxWhnvMEVVFWXuyVjUGwenIG59vFA2ev33+lDJPJ D+L2Em/msnHj5l+5J10p =/sbc -----END PGP SIGNATURE-----
--- End Message ---
