Skip to content

Debian Changelog php-xajax (0.2.5-4)

2008

php-xajax (0.2.5-4) unstable; urgency=medium 

   * Urgency set to medium since it possibly fixes a security bug,
     check debian/patches/fix_cross-site_scripting_CVE-2007-2739.dpatch
     for details.
 
   * Bump Standards-Version to 3.8.0:
     + debian/control: Added Homepage field.
 
   * debian/control
     + Added Vcs-Svn and Vcs-Browser fields.
     + Updated project homepage.
 
   * Add dpatch support:
     + debian/control: added dpatch build-dependency
     + debian/rules: added patch/unpatch targets in clean/build
       and include dpatch.make
     + debian/patches/fix_undefined_variable_sresponse.dpatch:
       included previous fixes (0.2.5-2 and 0.2.5-3) as a patch
     + debian/patches/fix_cross-site_scripting_CVE-2007-2739.dpatch:
       Fix properly cross-site scripting in URL input using htmlspecialchars
       This fixes CVE-2007-2739 and Closes: #509024.
     + debian/patches/00list: created and included previous patches
 
   * debian/rules: Link examples to /usr/share/doc/php-xajax/examples
     and tests to /usr/share/php/tests/xajax (Closes: #391615).
     They are still under /usr/share/php/xajax in order to be ready
     to run out of the box.
 
   * debian/README.Debian: mention the presence of examples and tests in
     the package and the way to access them.

 -- David Gil <dgil@telefonica.net>  Thu, 25 Dec 2008 13:20:09 +0100

2007

php-xajax (0.2.5-3) unstable; urgency=low 

   * Really fixed "Undefined variable: sResponse" notice.
     Completed previous patch with
     http://xajax.svn.sourceforge.net/viewvc/xajax/branches/xajax_0.2.4/xajax/
     xajax.inc.php?r1=356&r2=359&view=patch

 -- David Gil <dgil@telefonica.net>  Mon, 18 Jun 2007 21:08:08 +0200

php-xajax (0.2.5-2) unstable; urgency=low 

   * Fixed "Undefined variable: sResponse" notice (Closes: #427686)

 -- David Gil <dgil@telefonica.net>  Wed, 06 Jun 2007 11:00:17 +0200

php-xajax (0.2.5-1) unstable; urgency=high 

   * New upstream release, which fixes the following security vulnerabilities:
      + Cross-site scripting (XSS) vulnerability (CVE-2005-3325)
      + Unspecified vulnerability with unknown impact and attack vectors,
        not related to XSS (CVE-2007-2740)
     and (Closes: #426103)
   * Removed DH_COMPAT environment variable in debian/rules. Created
     a debian/compat file instead.
   * Renamed source package from xajax to php-xajax and remake source
     to use a tar.gz instead of a .zip

 -- David Gil <dgil@telefonica.net>  Mon, 28 May 2007 09:44:40 +0200

2006

php-xajax (0.2.4-2) unstable; urgency=low 

   * debian/rules: Added build and configure targets (Closes: #395789).
   * debian/control: Add Javier Fernandez-Sanguino Pen~a to
     the Uploaders: field.

 -- David Gil <dgil@telefonica.net>  Sat, 11 Nov 2006 20:59:14 +0100

php-xajax (0.2.4-1) unstable; urgency=low 

   * Initial release (Closes: #353117).
   * Renamed source package from xajax to php-xajax and remake source
     to use a tar.gz instead of a .zip

 -- David Gil <dgil@telefonica.net>  Mon, 03 Jul 2006 11:37:02 +0200

Generated Fri Dec 26 21:35:25 2008 UTC by Parse::DebianChangelog (v1.1.1)
Contact debian-www@lists.debian.org in case of problems.