Change log for movabletype-opensource package in Debian
1 → 37 of 37 results | First • Previous • Next • Last |
Published in wheezy-release |
movabletype-opensource (5.1.4+dfsg-4+deb7u3) wheezy-security; urgency=medium * Fix format string injection vulnerability in localisation of templates (CVE-2015-0845) -- Dominic Hargreaves <email address hidden> Tue, 14 Apr 2015 23:24:22 +0100
Deleted in squeeze-release (Reason: None provided.) |
movabletype-opensource (4.3.8+dfsg-0+squeeze4) oldstable-security; urgency=high * Include patch from 4.381 fixing XSS vulnerability (CVE-2014-0977) (Closes: #734304) -- Dominic Hargreaves <email address hidden> Thu, 09 Jan 2014 19:32:26 +0000
Superseded in wheezy-release |
movabletype-opensource (5.1.4+dfsg-4+deb7u1) stable-security; urgency=high * Add XSS security fixes from upstream release (CVE-2014-0977) (Closes: #734304) -- Dominic Hargreaves <email address hidden> Wed, 08 Jan 2014 19:42:23 +0000
Deleted in sid-release (Reason: None provided.) |
movabletype-opensource (5.2.9+dfsg-1) unstable; urgency=low * New upstream release - fixes XSS security vulnerabilities (Closes: #734304) -- Dominic Hargreaves <email address hidden> Sun, 05 Jan 2014 19:01:02 +0000
Available diffs
- diff from 5.2.7+dfsg-1 to 5.2.9+dfsg-1 (163.7 KiB)
movabletype-opensource (5.2.7+dfsg-1) unstable; urgency=low * Include updated watch file from Bart Martens * Add Italian debconf translation (Closes: #718043) * New upstream release (Closes: #722917) * Drop movabletype-plugin-zemanta package, no longer provided by upstream -- Dominic Hargreaves <email address hidden> Sat, 14 Sep 2013 18:48:35 +0100
Available diffs
- diff from 5.1.4+dfsg-5 to 5.2.7+dfsg-1 (1.6 MiB)
movabletype-opensource (5.1.4+dfsg-5) unstable; urgency=low * Use Apache 2.4 configuration handling (Closes: #669885) * Add more Lintian overrides for LICENSE files installed as part of codemirror * Update Standards-Version (no changes) -- Dominic Hargreaves <email address hidden> Sat, 01 Jun 2013 11:54:33 +0100
Available diffs
- diff from 5.1.4+dfsg-4 to 5.1.4+dfsg-5 (6.7 KiB)
movabletype-opensource (5.1.4+dfsg-4) unstable; urgency=low * Merge the preinst added in the previous release with the original preinst, which prompted the user to configure the packages after installation (closes: #702065) -- Dominic Hargreaves <email address hidden> Sun, 10 Mar 2013 17:14:28 +0000
Available diffs
- diff from 5.1.4+dfsg-3 to 5.1.4+dfsg-4 (956 bytes)
Superseded in squeeze-release |
movabletype-opensource (4.3.8+dfsg-0+squeeze3) stable-security; urgency=low * Include patch fixing remote execution and SQL injection vulnerability in mt-upgrade.cgi (closes: #697666) -- Dominic Hargreaves <email address hidden> Sun, 20 Jan 2013 21:18:47 +0000
movabletype-opensource (5.1.4+dfsg-3) unstable; urgency=medium * Add preinst to remove jquery symlink to avoid overwriting files from libjs-jquery (closes: #700063) -- Dominic Hargreaves <email address hidden> Wed, 13 Feb 2013 23:19:20 +0000
Available diffs
- diff from 5.1.4+dfsg-2 to 5.1.4+dfsg-3 (892 bytes)
movabletype-opensource (5.1.4+dfsg-2) unstable; urgency=low * Replace use of Digest::SHA1 with Digest::SHA1, as the former is no longer available in Debian (closes: #694476) -- Dominic Hargreaves <email address hidden> Mon, 31 Dec 2012 22:32:54 +0000
Available diffs
- diff from 5.1.4+dfsg-1 to 5.1.4+dfsg-2 (4.7 KiB)
movabletype-opensource (5.1.4+dfsg-1) unstable; urgency=low * Update copyright for codemirror * Switch Maintainer to a (nascent) team * New upstream relese * Update Standards-Version (no changes) -- Dominic Hargreaves <email address hidden> Sun, 27 May 2012 16:09:43 +0100
Available diffs
- diff from 5.1.3+dfsg-1 to 5.1.4+dfsg-1 (404.2 KiB)
Superseded in squeeze-release |
movabletype-opensource (4.3.8+dfsg-0+squeeze2) stable-security; urgency=low * Include patch to add AllowFileInclude which can be used to re-enable unsafe behaviour for compatibility with some plugins. See <http://www.movabletype.org/2012/03/513_patch_1.html> -- Dominic Hargreaves <email address hidden> Fri, 02 Mar 2012 09:52:02 +0000
Published in lenny-release |
movabletype-opensource (4.2.3-1+lenny3) oldstable-security; urgency=high * Apply patch from 4.36 fixing various security vulnerabilities (closes: #627936) -- Dominic Hargreaves <email address hidden> Sun, 29 May 2011 10:51:20 +0100
movabletype-opensource (5.1.3+dfsg-1) unstable; urgency=high * New upstream release - fixes multiple security vulnerabilities (closes: #661064) -- Dominic Hargreaves <email address hidden> Fri, 24 Feb 2012 11:07:02 +0000
Available diffs
movabletype-opensource (5.1.2+dfsg-3) unstable; urgency=low * Add Vcs-* headers * Correct debian/postinst to work correctly with new installs (closes: #657486) -- Dominic Hargreaves <email address hidden> Thu, 26 Jan 2012 21:01:07 +0000
Superseded in sid-release |
movabletype-opensource (5.1.2+dfsg-2) unstable; urgency=low * Ensure that debconf warning about schema upgrade is shown for this release * Correctly preserve ownership and mode of mt-config.cgi * Provide build-arch and build-indep targets, as recommended by Lintian -- Dominic Hargreaves <email address hidden> Mon, 23 Jan 2012 22:24:45 +0000
Deleted in experimental-release (Reason: None provided.) |
movabletype-opensource (5.1.2+dfsg-1) experimental; urgency=low * New upstream release (closes: #582724) -- Dominic Hargreaves <email address hidden> Sat, 14 Jan 2012 18:08:38 +0000
Superseded in squeeze-release |
movabletype-opensource (4.3.5+dfsg-2+squeeze2) stable-security; urgency=low * Apply patch from 4.361 fixing various security vulnerabilities (closes: #629937) -- Dominic Hargreaves <email address hidden> Sun, 12 Jun 2011 16:59:44 +0100
movabletype-opensource (4.3.7+dfsg-1) unstable; urgency=high * New upstream release - fixes information disclosure vulnerability (closes: #631437) -- Dominic Hargreaves <email address hidden> Thu, 23 Jun 2011 22:53:29 +0100
movabletype-opensource (4.3.6.1+dfsg-1) unstable; urgency=high * New upstream release - fixes unspecified security vulnerabilities (closes: #629937) * Update Standards-Version (no changes) -- Dominic Hargreaves <email address hidden> Thu, 09 Jun 2011 19:28:48 +0100
movabletype-opensource (4.3.6+dfsg-1) unstable; urgency=high * New upstream release - fixes unspecified security vulnerabilities (closes: #627936) * Update versioned dependency on libdata-objectdriver-perl to 0.08 following bundled version number -- Dominic Hargreaves <email address hidden> Wed, 25 May 2011 23:34:08 +0100
movabletype-opensource (4.3.5+dfsg-3) unstable; urgency=low * Check for existence of dbconfig-common in debian/config before using it (closes: #499598) * Update Standards-Version (no changes) * Update to debhelper compatibility level 7 * Update source format version to 3.0 (quilt) -- Dominic Hargreaves <email address hidden> Sat, 05 Feb 2011 18:14:06 +0000
Superseded in lenny-release |
movabletype-opensource (4.2.3-1+lenny2) stable; urgency=low * Various XSS/SQL security fixes backported from 4.35 (closes: #606311) -- Dominic Hargreaves <email address hidden> Fri, 10 Dec 2010 22:16:07 +0000
movabletype-opensource (4.3.5+dfsg-2) unstable; urgency=low * Correct dependency on sqlite3 to sqlite to satisfy dbconfig-common (closes: #606705) -- Dominic Hargreaves <email address hidden> Sat, 11 Dec 2010 11:31:07 +0000
movabletype-opensource (4.3.5+dfsg-1) unstable; urgency=high * New upstream release - fixes various unspecified XSS/SQL vulnerabilities (closes: #606311) -- Dominic Hargreaves <email address hidden> Wed, 08 Dec 2010 20:34:44 +0000
movabletype-opensource (4.3.4+dfsg-2) unstable; urgency=low * Adjust database-related dependencies to avoid dbconfig failure on a minimal system (closes: #603867) -- Dominic Hargreaves <email address hidden> Sat, 20 Nov 2010 15:44:32 +0000
movabletype-opensource (4.3.4+dfsg-1) unstable; urgency=low * Remove non-free flash components from upstream tarball and include the NoStats plugin which disables their use in the application (closes: #591975) * Include information about how to re-enable the flash components in README.Debian -- Dominic Hargreaves <email address hidden> Wed, 06 Oct 2010 21:31:37 +0100
movabletype-opensource (4.3.4-2) unstable; urgency=low * Add Spanish debconf translation (closes: #580853) * Add Danish debconf translation (closes: #587799) * Move the Zemanta plugin to a separate package owing to privacy concerns (closes: #591673) * Add NEWS.Debian mentioning the above change -- Dominic Hargreaves <email address hidden> Tue, 24 Aug 2010 19:44:01 +0100
movabletype-opensource (4.3.4-1) unstable; urgency=low * New upstream release - bump schema version in debian/config * Update URL in debian/watch file (closes: #567950) * Update Standards-Version (no changes) -- Dominic Hargreaves <email address hidden> Sun, 21 Feb 2010 18:08:19 +0000
Superseded in lenny-release |
movabletype-opensource (4.2.3-1+lenny1) stable; urgency=low * Don't allow any access to mt-wizard.cgi by default as it shouldn't normally be needed and presents an unnecessary security exposure (closes: #537935) -- Dominic Hargreaves <email address hidden> Sat, 03 Oct 2009 14:22:47 +0100
movabletype-opensource (4.3.3-1) unstable; urgency=low * New upstream release - fixes missing authorization checks in CMS: http://www.movabletype.org/2010/01/considering_an_mt_4_upgrade_review_the_movable_type_433_chan.html * Add Russian debconf translation (closes: #551575) * Add missing link to search_templates in CGI dir (LP: #486402) * Apply http://code.sixapart.com/trac/movabletype/changeset/5205 to fix a show-stopper bug introduced in 4.33. -- Dominic Hargreaves <email address hidden> Sun, 24 Jan 2010 16:47:58 +0000
movabletype-opensource (4.3.2-1) unstable; urgency=low * New upstream release (closes: #544206) -- Dominic Hargreaves <email address hidden> Tue, 06 Oct 2009 22:09:27 +0100
movabletype-opensource (4.2.6.1-2) unstable; urgency=low * Don't allow any access to mt-wizard.cgi by default as it shouldn't normally be needed and presents an unnecessary security exposure * Fix error in postinst when apache isn't installed (closes: #534104) * Update Standards-Version (no changes) -- Dominic Hargreaves <email address hidden> Sat, 19 Sep 2009 15:15:44 +0100
movabletype-opensource (4.2.6.1-1) unstable; urgency=low * New upstream release * Update Standards-Version (no changes) * Don't specify full path to apache2ctl in postinst (thanks, Lintian) * Remove unused Lintian overrides * Don't install empty directory in extlib -- Dominic Hargreaves <email address hidden> Fri, 19 Jun 2009 23:03:15 +0100
movabletype-opensource (4.2.3-1) unstable; urgency=medium * Urgency medium due to security fixes * New upstream release: contains XSS security fixes and minor bugfixes -- Dominic Hargreaves <email address hidden> Thu, 11 Dec 2008 20:00:05 +0000
movabletype-opensource (4.2.1-3) unstable; urgency=high * Urgency high due to security fix targetted at lenny * Fix multiple XSS issues (CVE-2008-4634). Thanks to Nico Golde for providing the patch, extracted from a release made by Six Apart KK (closes: #503114) -- Dominic Hargreaves <email address hidden> Tue, 18 Nov 2008 17:55:33 +0000
movabletype-opensource (4.2.1-2) unstable; urgency=low * Fix SignIn widget by adapting JSON related code to new JSON.pm behaviour (closes: #498747). Thanks to Peter Gervai for the fix. -- Dominic Hargreaves <email address hidden> Sat, 20 Sep 2008 23:50:53 +0100
1 → 37 of 37 results | First • Previous • Next • Last |