Please sync php-xajax (0.2.5-4) (universe) from debian unstable main.
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
php-xajax (Ubuntu) |
Fix Released
|
Wishlist
|
Unassigned |
Bug Description
Binary package hint: php-xajax
Please sync the latest version from debian as it fixes a CVE.
Changelog since the current jaunty version:
php-xajax (0.2.5-4) unstable; urgency=medium
* Urgency set to medium since it possibly fixes a security bug,
check debian/
for details.
* Bump Standards-Version to 3.8.0:
+ debian/control: Added Homepage field.
* debian/control
+ Added Vcs-Svn and Vcs-Browser fields.
+ Updated project homepage.
* Add dpatch support:
+ debian/control: added dpatch build-dependency
+ debian/rules: added patch/unpatch targets in clean/build
and include dpatch.make
+ debian/
included previous fixes (0.2.5-2 and 0.2.5-3) as a patch
+ debian/
Fix properly cross-site scripting in URL input using htmlspecialchars
This fixes CVE-2007-2739 and Closes: #509024.
+ debian/
* debian/rules: Link examples to /usr/share/
and tests to /usr/share/
They are still under /usr/share/
to run out of the box.
* debian/
the package and the way to access them.
-- David Gil <email address hidden> Thu, 25 Dec 2008 13:20:09 +0100
CVE References
Changed in php-xajax: | |
assignee: | nobody → vorian |
importance: | Undecided → Wishlist |
status: | New → In Progress |
PS: It builds fine on my PPA:
http:// launchpadlibrar ian.net/ 20843542/ buildlog_ ubuntu- jaunty- i386.php- xajax_0. 2.5-4ubuntu1_ FULLYBUILT. txt.gz