spip 3.1.4-4~deb9u5build0.18.04.1 source package in Ubuntu
Changelog
spip (3.1.4-4~deb9u5build0.18.04.1) bionic-security; urgency=medium
* fake sync from Debian to fix CVE-2020-28984, CVE-2022-26846 and
CVE-2022-26847 (LP: #1971185).
spip (3.1.4-4~deb9u5) stretch-security; urgency=medium
* Non-maintainer upload.
* Switch back to a sane version number.
* Add missing dependency on php-xml.
* Recommend php-gd.
* Fix security issues, backported from buster:
* XSS:
- 0049-Verifier-qu-on-a-bien-le-droit-de-modifier-le-login-.patch
- 0050-appliquer-rawurlencode-aussi-sur-les-tableaux-qu-on-.patch
* CVE-2022-26846, CVE-2022-26847:
- 0022-Utilisation-des-fonctions-de-sanitization-sur-galeri.patch
+ prerequisite.
- 0051-D-pr-cier-et-s-curiser-l-insertion-d-une-galerie-dan.patch
+ Don't use nullable types, not available in PHP 7.0 in stretch.
spip (3.1.4-4~deb9u4+deb9u2) stretch-security; urgency=high
* Non-maintainer upload by the LTS Security Team.
* Backport security fixes from 3.2.12
- SQL injections, remote code execution, XSS
* Fix Articles and Sections editing screens in admin area, which got broken in
previous upload.
* Fix user Preferences screen, which got broken in 3.1.4-4~deb9u4.
spip (3.1.4-4~deb9u4+deb9u1) stretch-security; urgency=medium
* Non-maintainer upload by the Debian LTS Team.
* Fix TEMP-0000000-803658
spip (3.1.4-4~deb9u4) stretch-security; urgency=medium
* Non-maintainer upload by the LTS Security Team.
* Fix CVE-2020-28984: did not correctly validate he couleur,
display, display_navigation, display_outils, imessage, and
spip_ecran parameters.
-- Luís Infante da Câmara <email address hidden> Tue, 14 Jun 2022 16:41:55 +0200
Upload details
- Uploaded by:
- Luís Infante da Câmara
- Sponsored by:
- Eduardo Barretto
- Uploaded to:
- Bionic
- Original maintainer:
- David Prevot
- Architectures:
- all
- Section:
- web
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Bionic | updates | universe | web | |
| Bionic | security | universe | web |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| spip_3.1.4.orig.tar.xz | 5.6 MiB | 884778eca338242da714641727b9acaa8ec10a5aefeefc1dbe1d38ad379d8318 |
| spip_3.1.4-4~deb9u5build0.18.04.1.debian.tar.xz | 105.9 KiB | 7346a69d17ea03b5c074c7eb0234e5542a6735699e23e3ef154394bfdc70c2b2 |
| spip_3.1.4-4~deb9u5build0.18.04.1.dsc | 1.8 KiB | 0ae8e16f6f0cbfcde48156af2c2413294f8a439a8f75edf525ad501310c98657 |
Available diffs
Binary packages built by this source
- spip: website engine for publishing
SPIP is a publishing system for the Internet in which great importance
is attached to collaborative working, to multilingual environments,
and to simplicity of use for web authors.
.
SPIP's benefit consists in:
.
* managing a magazine type site i.e. made up mainly of
articles and news items inserted in an arborescence
of sections nested in each others.
* completely separating and distributing three kinds of tasks
over various players: the graphic design, the site editorial
input through the submission of articles and news items and
the site editorial management.
* spare the webmaster and all the participants to the life of
the site, a number of tedious aspects of web publishing as
well as the need to learn lengthy technical skills.
SPIP allows you to start creating your sections and
articles straight away.
