Bug#584517: CVE-2010-0404: Multiple SQL injection vulnerabilities

2010-06-07 Thread Giuseppe Iuculano
On 06/06/2010 06:16 PM, Olivier Berger wrote: > Thanks for caring. > > I've tried and fix the most obvious problems reported by lintian and > update the changelog, and have re-uploaded an updated package to > mentors. If you can upload it for me, many thanks in advance. > > Best regards, I've ad

Bug#584517: CVE-2010-0404: Multiple SQL injection vulnerabilities

2010-06-06 Thread Olivier Berger
Hi. Le vendredi 04 juin 2010 à 12:48 +0200, Giuseppe Iuculano a écrit : > On 06/04/2010 12:44 PM, Olivier Berger wrote: > > Here : > > http://mentors.debian.net/cgi-bin/sponsor-pkglist?action=details;package=phpgroupware > > Please add the "Closes" entries for the security bugs and add the source

Bug#584517: CVE-2010-0404: Multiple SQL injection vulnerabilities

2010-06-04 Thread Giuseppe Iuculano
On 06/04/2010 12:44 PM, Olivier Berger wrote: > Here : > http://mentors.debian.net/cgi-bin/sponsor-pkglist?action=details;package=phpgroupware Please add the "Closes" entries for the security bugs and add the source format (W: phpgroupware source: missing-debian-source-format). Cheers. Giuseppe.

Bug#584517: CVE-2010-0404: Multiple SQL injection vulnerabilities

2010-06-04 Thread Olivier Berger
Hi. Le vendredi 04 juin 2010 à 11:29 +0200, Giuseppe Iuculano a écrit : > Hi Christian, > > On 06/04/2010 11:24 AM, christian bac wrote: > > -the unstable version : 1:0.9.16.016+dfsg-1 that is uploaded on > > mentors. > > Here : http://mentors.debian.net/cgi-bin/sponsor-pkglist?action=details;p

Bug#584517: CVE-2010-0404: Multiple SQL injection vulnerabilities

2010-06-04 Thread christian bac
On Fri, 2010-06-04 at 11:29 +0200, Giuseppe Iuculano wrote: > Hi Christian, > > On 06/04/2010 11:24 AM, christian bac wrote: > > -the unstable version : 1:0.9.16.016+dfsg-1 that is uploaded on > > mentors. > > > > do you need a sponsor ? > > > Cheers, > Giuseppe > A last upload that close the

Bug#584517: CVE-2010-0404: Multiple SQL injection vulnerabilities

2010-06-04 Thread Giuseppe Iuculano
Hi Christian, On 06/04/2010 11:24 AM, christian bac wrote: > -the unstable version : 1:0.9.16.016+dfsg-1 that is uploaded on > mentors. > do you need a sponsor ? Cheers, Giuseppe signature.asc Description: OpenPGP digital signature

Bug#584517: CVE-2010-0404: Multiple SQL injection vulnerabilities

2010-06-04 Thread christian bac
As you can see in the changelog, these bugs are fixed in : -the stable version : 1:0.9.16.012+dfsg-8+lenny2 -the unstable version : 1:0.9.16.016+dfsg-1 that is uploaded on mentors. These version does not work correctly on unstable and squeeze due to non conformance to php5.3. Upstream does not

Bug#584517: CVE-2010-0404: Multiple SQL injection vulnerabilities

2010-06-04 Thread Giuseppe Iuculano
Package: phpgroupware Severity: grave Tags: security -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for phpgroupware. CVE-2010-0404[0]: | Multiple SQL injection vulnerabilities in phpGroupWare (phpgw) before | 0.9.16.016