spip 3.1.4-4~deb9u5build0.18.04.1 source package in Ubuntu
Changelog
spip (3.1.4-4~deb9u5build0.18.04.1) bionic-security; urgency=medium * fake sync from Debian to fix CVE-2020-28984, CVE-2022-26846 and CVE-2022-26847 (LP: #1971185). spip (3.1.4-4~deb9u5) stretch-security; urgency=medium * Non-maintainer upload. * Switch back to a sane version number. * Add missing dependency on php-xml. * Recommend php-gd. * Fix security issues, backported from buster: * XSS: - 0049-Verifier-qu-on-a-bien-le-droit-de-modifier-le-login-.patch - 0050-appliquer-rawurlencode-aussi-sur-les-tableaux-qu-on-.patch * CVE-2022-26846, CVE-2022-26847: - 0022-Utilisation-des-fonctions-de-sanitization-sur-galeri.patch + prerequisite. - 0051-D-pr-cier-et-s-curiser-l-insertion-d-une-galerie-dan.patch + Don't use nullable types, not available in PHP 7.0 in stretch. spip (3.1.4-4~deb9u4+deb9u2) stretch-security; urgency=high * Non-maintainer upload by the LTS Security Team. * Backport security fixes from 3.2.12 - SQL injections, remote code execution, XSS * Fix Articles and Sections editing screens in admin area, which got broken in previous upload. * Fix user Preferences screen, which got broken in 3.1.4-4~deb9u4. spip (3.1.4-4~deb9u4+deb9u1) stretch-security; urgency=medium * Non-maintainer upload by the Debian LTS Team. * Fix TEMP-0000000-803658 spip (3.1.4-4~deb9u4) stretch-security; urgency=medium * Non-maintainer upload by the LTS Security Team. * Fix CVE-2020-28984: did not correctly validate he couleur, display, display_navigation, display_outils, imessage, and spip_ecran parameters. -- Luís Infante da Câmara <email address hidden> Tue, 14 Jun 2022 16:41:55 +0200
Upload details
- Uploaded by:
- Luís Infante da Câmara
- Sponsored by:
- Eduardo Barretto
- Uploaded to:
- Bionic
- Original maintainer:
- David Prevot
- Architectures:
- all
- Section:
- web
- Urgency:
- Very Urgent
See full publishing history Publishing
Series | Published | Component | Section | |
---|---|---|---|---|
Bionic | updates | universe | web | |
Bionic | security | universe | web |
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
spip_3.1.4.orig.tar.xz | 5.6 MiB | 884778eca338242da714641727b9acaa8ec10a5aefeefc1dbe1d38ad379d8318 |
spip_3.1.4-4~deb9u5build0.18.04.1.debian.tar.xz | 105.9 KiB | 7346a69d17ea03b5c074c7eb0234e5542a6735699e23e3ef154394bfdc70c2b2 |
spip_3.1.4-4~deb9u5build0.18.04.1.dsc | 1.8 KiB | 0ae8e16f6f0cbfcde48156af2c2413294f8a439a8f75edf525ad501310c98657 |
Available diffs
Binary packages built by this source
- spip: website engine for publishing
SPIP is a publishing system for the Internet in which great importance
is attached to collaborative working, to multilingual environments,
and to simplicity of use for web authors.
.
SPIP's benefit consists in:
.
* managing a magazine type site i.e. made up mainly of
articles and news items inserted in an arborescence
of sections nested in each others.
* completely separating and distributing three kinds of tasks
over various players: the graphic design, the site editorial
input through the submission of articles and news items and
the site editorial management.
* spare the webmaster and all the participants to the life of
the site, a number of tedious aspects of web publishing as
well as the need to learn lengthy technical skills.
SPIP allows you to start creating your sections and
articles straight away.