Bug#388082: marked as done (security issues fixed in dokuwiki 20060309d)

Sun, 05 Nov 2006 16:16:16 -0800 

Your message dated Sun, 05 Nov 2006 15:33:42 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#388082: fixed in dokuwiki 0.0.20060309e-1
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message --- 
Package: dokuwiki
Version: 0.0.20060309-5
Severity: grave
Tags: security
Justification: user security hole

Hi,

upstream's 20060309_d_ release fixes four security issues, one of
them, http://bugs.splitbrain.org/index.php?do=details&id=906, allowing
attackers to place any code on the server where the webserver has
write access.

http://bugs.splitbrain.org/index.php?do=details&id=823
http://bugs.splitbrain.org/index.php?do=details&id=820
http://bugs.splitbrain.org/index.php?do=details&id=825
http://bugs.splitbrain.org/index.php?do=details&id=906

Please package and upload the new version asap.

Greetings
Marc

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17.13-zgsrv
Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1)

--- End Message ---
--- Begin Message --- 
Source: dokuwiki
Source-Version: 0.0.20060309e-1

We believe that the bug you reported is fixed in the latest version of
dokuwiki, which is due to be installed in the Debian FTP archive:

dokuwiki_0.0.20060309e-1.diff.gz
  to pool/main/d/dokuwiki/dokuwiki_0.0.20060309e-1.diff.gz
dokuwiki_0.0.20060309e-1.dsc
  to pool/main/d/dokuwiki/dokuwiki_0.0.20060309e-1.dsc
dokuwiki_0.0.20060309e-1_all.deb
  to pool/main/d/dokuwiki/dokuwiki_0.0.20060309e-1_all.deb
dokuwiki_0.0.20060309e.orig.tar.gz
  to pool/main/d/dokuwiki/dokuwiki_0.0.20060309e.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Mohammed Adnène Trojette <[EMAIL PROTECTED]> (supplier of updated dokuwiki 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sun,  5 Nov 2006 20:27:16 +0100
Source: dokuwiki
Binary: dokuwiki
Architecture: source all
Version: 0.0.20060309e-1
Distribution: unstable
Urgency: high
Maintainer: Mohammed Adnène Trojette <[EMAIL PROTECTED]>
Changed-By: Mohammed Adnène Trojette <[EMAIL PROTECTED]>
Description: 
 dokuwiki   - a standards compliant simple to use wiki
Closes: 326810 340028 374094 374750 378250 384007 387972 387974 388082 389207 
389442 391291 394083 394210 397030
Changes: 
 dokuwiki (0.0.20060309e-1) unstable; urgency=low
 .
   * New maintainer.
   * Switch to quilt for patch management.
   * Reorder Build-Depends and Build-Depends-Indep.
   * New upstream version:
      + remove new_upstream_2006-03-09e.
   * Ack Non Maintainer Uploads. (Closes: #389442)
   * Use dh_install instead of copying:
      + makes .htaccess a conffile. (Closes: #394083)
   * Add bin/ directory to installation. (Closes: #378250)
      + add php{4,5}-cli to Recommends.
   * Debconf Translations updates:
      + German, thanks to Erik Schanze. (Closes: #397030)
   * New debconf Translations:
      + Portuguese, thanks to Rui Branco. (Closes: #394210)
 .
 dokuwiki (0.0.20060309-5.2) unstable; urgency=high
 .
   * Non-maintainer upload.
   * Refresh new_upstream_2006-03-09d into new_upstream_2006-03-09e.
     (Closes: #391291)
   * Correct templates:
      + patch from Thomas Huriaux.
   * Debconf Translations updates:
      + Czech, thanks to Miroslav Kure.
      + Swedish, thanks to Daniel Nylander.
      + French, thanks to Steve Petruzzello.
 .
 dokuwiki (0.0.20060309-5.1) unstable; urgency=high
 .
   * Non-maintainer upload.
   * Add a new_upstream_2006-03-09d dpatch (Closes: #388082):
      + integrate fixspellcheckersecurityflaw.dpatch.
   * Stop removing conffiles in postinst/postrm (Closes: #387974):
      + unlink lines commented out.
   * Stop relaunching webservers in postinst/postrm (Closes: #387972):
      + restart_webservers() not launched.
   * Debconf Translations:
      + French, thanks to Steve. (Closes: #374750, #384007)
      + Czech, thanks to Miroslav Kure. (Closes: #389207)
   * Run debconf-updatepo and fix templates:
      + patch from Simon Paillard. (Closes: #374094)
   * Add a localhost entry in dokuwiki.conf. (Closes: #326810)
   * Depend on apache2 instead of apache2-mpm-prefork.
   * Recommends imagemagick | php4-gd | php5-gd to store different sized cached
     images. (Closes: #340028)
Files: 
 e1159e292a345ab14dcfb3f60a1d2158 650 web optional dokuwiki_0.0.20060309e-1.dsc
 d6d3aa9e2f32ebbdb04ee07cd84a19e5 835945 web optional 
dokuwiki_0.0.20060309e.orig.tar.gz
 86835d4e6dab762edf948eed13ca0882 24261 web optional 
dokuwiki_0.0.20060309e-1.diff.gz
 743d44b118a7f150dfdb63c014f0517f 875342 web optional 
dokuwiki_0.0.20060309e-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFTkRCOU3FkQ7XBOoRAiIXAJ4wnO4lAM5dvlpB2ZaMTaiWh7+hZgCg7J0z
YDZP2yZthMO/3qa2Q2yErVs=
=J2Ui
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to