TEMP-0000000-803658

NameTEMP-0000000-803658
Descriptionseveral security fixes: PHP injections, XSS and secrets stored in session file
SourceAutomatically generated temporary name. Not for external reference.

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
spip (PTS)stretch3.1.4-4~deb9u3vulnerable
stretch (security)3.1.4-4~deb9u5fixed
buster3.2.4-1+deb10u7fixed
buster (security)3.2.4-1+deb10u8fixed
bullseye3.2.11-3+deb11u3fixed
bullseye (security)3.2.11-3+deb11u4fixed
bookworm, sid4.1.2+dfsg-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
spipsourcestretch3.1.4-4~deb9u4+deb9u1
spipsourcebuster3.2.4-1+deb10u4
spipsource(unstable)3.2.9-1

Search for package or bug name: Reporting problems