-
spip (3.2.11-3+deb11u3build0.21.10.1) impish-security; urgency=medium
* fake sync from Debian
spip (3.2.11-3+deb11u3) bullseye-security; urgency=high
* Backport security fix from 3.2.14
- arbitrary PHP code execution
spip (3.2.11-3+deb11u2) bullseye; urgency=medium
* Document CVE fixed previously
* Backport security fixes (XSS) from 3.2.13
spip (3.2.11-3+deb11u1) bullseye-security; urgency=high
* Set up branch debian/bullseye
* Backport security fixes from 3.2.12
- SQL injections
- remote code execution [CVE-2021-44123]
- XSS [CVE-2021-44118] [CVE-2021-44120]
- CSRF [CVE-2021-44122]
* Don’t ship vcs-control-file
-- Eduardo Barretto <email address hidden> Tue, 14 Jun 2022 16:44:21 +0200
-
spip (3.2.11-3) unstable; urgency=medium
* Adapt symlink to changed path in latest node-js-cookie.
Thanks to Andreas Beckmann <email address hidden> (Closes: #988853)
-- David Prévot <email address hidden> Fri, 21 May 2021 11:14:54 -0400
-
spip (3.2.11-2) unstable; urgency=medium
* Upload to unstable with the Release Team approval
* Update debian/copyright
-- David Prévot <email address hidden> Fri, 26 Mar 2021 15:37:27 -0400
-
spip (3.2.9-1) unstable; urgency=medium
* Critical security fixes, allowing identified authors to execute arbitrary
PHP code, and XSS
[ Matthieu Marcillaud ]
* Version 3.2.9
[ David Prévot ]
* Update mutualisation to 1.4.7
* Simplify gbp import-orig
-- David Prévot <email address hidden> Fri, 12 Feb 2021 14:33:59 -0400