thr3ads.net - Secure testing team - [Secure-testing-team] Release Freeze Exception for Ampache-3.4.1-2 [Nov 2008]

If this information is useful, please help other people find it:
Share via:

Charliej

2008-Nov-02 13:10 UTC

[Secure-testing-team] Release Freeze Exception for Ampache-3.4.1-2

Release Team,

Would you please grant a Release Freeze Exception for ampache-3.4.1-2 as
this upload fixes several bugs which deal with security issues, and is a
bug fix only upload.

Bug #504169 - RC 
CVE-2008-4796: missing input sanitising in Snoopy.class.php

Bug #496369 - Normal
The possibility of attack with the help of symlinks in some Debian
packages

One other thing could you please bump the urgency to "High" as I and
my
sponsor missed this.

Best regards
Charlie

Luk Claes

2008-Nov-11 11:33 UTC

head link

[Secure-testing-team] Release Freeze Exception for Ampache-3.4.1-2

Charliej wrote:> Release Team,
> 
> Would you please grant a Release Freeze Exception for ampache-3.4.1-2 as
> this upload fixes several bugs which deal with security issues, and is a
> bug fix only upload.
> 
> Bug #504169 - RC 
> CVE-2008-4796: missing input sanitising in Snoopy.class.php
> 
> Bug #496369 - Normal
> The possibility of attack with the help of symlinks in some Debian
> packages
unblocked

Cheers

Luk

Secure testing team - Nov 2008 - Release Freeze Exception for Ampache-3.4.1-2

[Secure-testing-team] Release Freeze Exception for Ampache-3.4.1-2

[Secure-testing-team] Release Freeze Exception for Ampache-3.4.1-2