Change log for movabletype-opensource package in Debian
| 1 → 37 of 37 results | First • Previous • Next • Last |
| Published in wheezy-release |
movabletype-opensource (5.1.4+dfsg-4+deb7u3) wheezy-security; urgency=medium
* Fix format string injection vulnerability in localisation of
templates (CVE-2015-0845)
-- Dominic Hargreaves <email address hidden> Tue, 14 Apr 2015 23:24:22 +0100
| Deleted in squeeze-release (Reason: None provided.) |
movabletype-opensource (4.3.8+dfsg-0+squeeze4) oldstable-security; urgency=high
* Include patch from 4.381 fixing XSS vulnerability (CVE-2014-0977)
(Closes: #734304)
-- Dominic Hargreaves <email address hidden> Thu, 09 Jan 2014 19:32:26 +0000
| Superseded in wheezy-release |
movabletype-opensource (5.1.4+dfsg-4+deb7u1) stable-security; urgency=high
* Add XSS security fixes from upstream release (CVE-2014-0977)
(Closes: #734304)
-- Dominic Hargreaves <email address hidden> Wed, 08 Jan 2014 19:42:23 +0000
| Deleted in sid-release (Reason: None provided.) |
movabletype-opensource (5.2.9+dfsg-1) unstable; urgency=low
* New upstream release
- fixes XSS security vulnerabilities (Closes: #734304)
-- Dominic Hargreaves <email address hidden> Sun, 05 Jan 2014 19:01:02 +0000
Available diffs
- diff from 5.2.7+dfsg-1 to 5.2.9+dfsg-1 (163.7 KiB)
movabletype-opensource (5.2.7+dfsg-1) unstable; urgency=low
* Include updated watch file from Bart Martens
* Add Italian debconf translation (Closes: #718043)
* New upstream release (Closes: #722917)
* Drop movabletype-plugin-zemanta package, no longer provided by
upstream
-- Dominic Hargreaves <email address hidden> Sat, 14 Sep 2013 18:48:35 +0100
Available diffs
- diff from 5.1.4+dfsg-5 to 5.2.7+dfsg-1 (1.6 MiB)
movabletype-opensource (5.1.4+dfsg-5) unstable; urgency=low
* Use Apache 2.4 configuration handling (Closes: #669885)
* Add more Lintian overrides for LICENSE files installed as part of
codemirror
* Update Standards-Version (no changes)
-- Dominic Hargreaves <email address hidden> Sat, 01 Jun 2013 11:54:33 +0100
Available diffs
- diff from 5.1.4+dfsg-4 to 5.1.4+dfsg-5 (6.7 KiB)
movabletype-opensource (5.1.4+dfsg-4) unstable; urgency=low
* Merge the preinst added in the previous release with the original
preinst, which prompted the user to configure the packages after
installation (closes: #702065)
-- Dominic Hargreaves <email address hidden> Sun, 10 Mar 2013 17:14:28 +0000
Available diffs
- diff from 5.1.4+dfsg-3 to 5.1.4+dfsg-4 (956 bytes)
| Superseded in squeeze-release |
movabletype-opensource (4.3.8+dfsg-0+squeeze3) stable-security; urgency=low
* Include patch fixing remote execution and SQL injection
vulnerability in mt-upgrade.cgi (closes: #697666)
-- Dominic Hargreaves <email address hidden> Sun, 20 Jan 2013 21:18:47 +0000
movabletype-opensource (5.1.4+dfsg-3) unstable; urgency=medium
* Add preinst to remove jquery symlink to avoid overwriting
files from libjs-jquery (closes: #700063)
-- Dominic Hargreaves <email address hidden> Wed, 13 Feb 2013 23:19:20 +0000
Available diffs
- diff from 5.1.4+dfsg-2 to 5.1.4+dfsg-3 (892 bytes)
movabletype-opensource (5.1.4+dfsg-2) unstable; urgency=low
* Replace use of Digest::SHA1 with Digest::SHA1, as the former is no
longer available in Debian (closes: #694476)
-- Dominic Hargreaves <email address hidden> Mon, 31 Dec 2012 22:32:54 +0000
Available diffs
- diff from 5.1.4+dfsg-1 to 5.1.4+dfsg-2 (4.7 KiB)
movabletype-opensource (5.1.4+dfsg-1) unstable; urgency=low * Update copyright for codemirror * Switch Maintainer to a (nascent) team * New upstream relese * Update Standards-Version (no changes) -- Dominic Hargreaves <email address hidden> Sun, 27 May 2012 16:09:43 +0100
Available diffs
- diff from 5.1.3+dfsg-1 to 5.1.4+dfsg-1 (404.2 KiB)
| Superseded in squeeze-release |
movabletype-opensource (4.3.8+dfsg-0+squeeze2) stable-security; urgency=low
* Include patch to add AllowFileInclude which can be used to re-enable
unsafe behaviour for compatibility with some plugins. See
<http://www.movabletype.org/2012/03/513_patch_1.html>
-- Dominic Hargreaves <email address hidden> Fri, 02 Mar 2012 09:52:02 +0000
| Published in lenny-release |
movabletype-opensource (4.2.3-1+lenny3) oldstable-security; urgency=high
* Apply patch from 4.36 fixing various security vulnerabilities
(closes: #627936)
-- Dominic Hargreaves <email address hidden> Sun, 29 May 2011 10:51:20 +0100
movabletype-opensource (5.1.3+dfsg-1) unstable; urgency=high
* New upstream release
- fixes multiple security vulnerabilities (closes: #661064)
-- Dominic Hargreaves <email address hidden> Fri, 24 Feb 2012 11:07:02 +0000
Available diffs
movabletype-opensource (5.1.2+dfsg-3) unstable; urgency=low
* Add Vcs-* headers
* Correct debian/postinst to work correctly with new installs
(closes: #657486)
-- Dominic Hargreaves <email address hidden> Thu, 26 Jan 2012 21:01:07 +0000
| Superseded in sid-release |
movabletype-opensource (5.1.2+dfsg-2) unstable; urgency=low
* Ensure that debconf warning about schema upgrade is shown for this
release
* Correctly preserve ownership and mode of mt-config.cgi
* Provide build-arch and build-indep targets, as recommended by
Lintian
-- Dominic Hargreaves <email address hidden> Mon, 23 Jan 2012 22:24:45 +0000
| Deleted in experimental-release (Reason: None provided.) |
movabletype-opensource (5.1.2+dfsg-1) experimental; urgency=low * New upstream release (closes: #582724) -- Dominic Hargreaves <email address hidden> Sat, 14 Jan 2012 18:08:38 +0000
| Superseded in squeeze-release |
movabletype-opensource (4.3.5+dfsg-2+squeeze2) stable-security; urgency=low * Apply patch from 4.361 fixing various security vulnerabilities (closes: #629937) -- Dominic Hargreaves <email address hidden> Sun, 12 Jun 2011 16:59:44 +0100
movabletype-opensource (4.3.7+dfsg-1) unstable; urgency=high * New upstream release - fixes information disclosure vulnerability (closes: #631437) -- Dominic Hargreaves <email address hidden> Thu, 23 Jun 2011 22:53:29 +0100
movabletype-opensource (4.3.6.1+dfsg-1) unstable; urgency=high * New upstream release - fixes unspecified security vulnerabilities (closes: #629937) * Update Standards-Version (no changes) -- Dominic Hargreaves <email address hidden> Thu, 09 Jun 2011 19:28:48 +0100
movabletype-opensource (4.3.6+dfsg-1) unstable; urgency=high * New upstream release - fixes unspecified security vulnerabilities (closes: #627936) * Update versioned dependency on libdata-objectdriver-perl to 0.08 following bundled version number -- Dominic Hargreaves <email address hidden> Wed, 25 May 2011 23:34:08 +0100
movabletype-opensource (4.3.5+dfsg-3) unstable; urgency=low * Check for existence of dbconfig-common in debian/config before using it (closes: #499598) * Update Standards-Version (no changes) * Update to debhelper compatibility level 7 * Update source format version to 3.0 (quilt) -- Dominic Hargreaves <email address hidden> Sat, 05 Feb 2011 18:14:06 +0000
| Superseded in lenny-release |
movabletype-opensource (4.2.3-1+lenny2) stable; urgency=low * Various XSS/SQL security fixes backported from 4.35 (closes: #606311) -- Dominic Hargreaves <email address hidden> Fri, 10 Dec 2010 22:16:07 +0000
movabletype-opensource (4.3.5+dfsg-2) unstable; urgency=low * Correct dependency on sqlite3 to sqlite to satisfy dbconfig-common (closes: #606705) -- Dominic Hargreaves <email address hidden> Sat, 11 Dec 2010 11:31:07 +0000
movabletype-opensource (4.3.5+dfsg-1) unstable; urgency=high * New upstream release - fixes various unspecified XSS/SQL vulnerabilities (closes: #606311) -- Dominic Hargreaves <email address hidden> Wed, 08 Dec 2010 20:34:44 +0000
movabletype-opensource (4.3.4+dfsg-2) unstable; urgency=low
* Adjust database-related dependencies to avoid dbconfig failure
on a minimal system (closes: #603867)
-- Dominic Hargreaves <email address hidden> Sat, 20 Nov 2010 15:44:32 +0000
movabletype-opensource (4.3.4+dfsg-1) unstable; urgency=low
* Remove non-free flash components from upstream tarball and
include the NoStats plugin which disables their use in the
application (closes: #591975)
* Include information about how to re-enable the flash components
in README.Debian
-- Dominic Hargreaves <email address hidden> Wed, 06 Oct 2010 21:31:37 +0100
movabletype-opensource (4.3.4-2) unstable; urgency=low
* Add Spanish debconf translation (closes: #580853)
* Add Danish debconf translation (closes: #587799)
* Move the Zemanta plugin to a separate package owing to privacy
concerns (closes: #591673)
* Add NEWS.Debian mentioning the above change
-- Dominic Hargreaves <email address hidden> Tue, 24 Aug 2010 19:44:01 +0100
movabletype-opensource (4.3.4-1) unstable; urgency=low
* New upstream release
- bump schema version in debian/config
* Update URL in debian/watch file (closes: #567950)
* Update Standards-Version (no changes)
-- Dominic Hargreaves <email address hidden> Sun, 21 Feb 2010 18:08:19 +0000
| Superseded in lenny-release |
movabletype-opensource (4.2.3-1+lenny1) stable; urgency=low
* Don't allow any access to mt-wizard.cgi by default as it shouldn't
normally be needed and presents an unnecessary security exposure
(closes: #537935)
-- Dominic Hargreaves <email address hidden> Sat, 03 Oct 2009 14:22:47 +0100
movabletype-opensource (4.3.3-1) unstable; urgency=low
* New upstream release
- fixes missing authorization checks in CMS:
http://www.movabletype.org/2010/01/considering_an_mt_4_upgrade_review_the_movable_type_433_chan.html
* Add Russian debconf translation (closes: #551575)
* Add missing link to search_templates in CGI dir (LP: #486402)
* Apply http://code.sixapart.com/trac/movabletype/changeset/5205
to fix a show-stopper bug introduced in 4.33.
-- Dominic Hargreaves <email address hidden> Sun, 24 Jan 2010 16:47:58 +0000
movabletype-opensource (4.3.2-1) unstable; urgency=low * New upstream release (closes: #544206) -- Dominic Hargreaves <email address hidden> Tue, 06 Oct 2009 22:09:27 +0100
movabletype-opensource (4.2.6.1-2) unstable; urgency=low
* Don't allow any access to mt-wizard.cgi by default as it shouldn't
normally be needed and presents an unnecessary security exposure
* Fix error in postinst when apache isn't installed (closes: #534104)
* Update Standards-Version (no changes)
-- Dominic Hargreaves <email address hidden> Sat, 19 Sep 2009 15:15:44 +0100
movabletype-opensource (4.2.6.1-1) unstable; urgency=low * New upstream release * Update Standards-Version (no changes) * Don't specify full path to apache2ctl in postinst (thanks, Lintian) * Remove unused Lintian overrides * Don't install empty directory in extlib -- Dominic Hargreaves <email address hidden> Fri, 19 Jun 2009 23:03:15 +0100
movabletype-opensource (4.2.3-1) unstable; urgency=medium * Urgency medium due to security fixes * New upstream release: contains XSS security fixes and minor bugfixes -- Dominic Hargreaves <email address hidden> Thu, 11 Dec 2008 20:00:05 +0000
movabletype-opensource (4.2.1-3) unstable; urgency=high
* Urgency high due to security fix targetted at lenny
* Fix multiple XSS issues (CVE-2008-4634). Thanks to Nico Golde for
providing the patch, extracted from a release made by
Six Apart KK (closes: #503114)
-- Dominic Hargreaves <email address hidden> Tue, 18 Nov 2008 17:55:33 +0000
movabletype-opensource (4.2.1-2) unstable; urgency=low
* Fix SignIn widget by adapting JSON related code to new JSON.pm
behaviour (closes: #498747). Thanks to Peter Gervai for the fix.
-- Dominic Hargreaves <email address hidden> Sat, 20 Sep 2008 23:50:53 +0100
| 1 → 37 of 37 results | First • Previous • Next • Last |
