Package: src:cakephp; Maintainer for src:cakephp is Dmitry Smirnov <onlyjob@debian.org>;
Reported by: balint@balintreczey.hu
Date: Sat, 23 Jul 2016 18:57:02 UTC
Severity: serious
Tags: fixed-upstream, security, upstream
Found in version cakephp/1.3.2-1
Fixed in versions cakephp/1.3.15-1+deb7u1, 2.6.7-1, cakephp/1.3.2-1.1+deb6u11
Done: Dmitry Smirnov <onlyjob@debian.org>
Bug is archived. No further changes may be made.
View this report as an mbox folder, status mbox, maintainer mbox
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Added tag(s) security, fixed-upstream, and upstream.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org
.
(Sun, 24 Jul 2016 05:51:08 GMT) (full text, mbox, link).
Message #12 received at 832283@bugs.debian.org (full text, mbox, reply):
Bug 832283 cloned as bug 832316
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org
.
(Sun, 24 Jul 2016 05:57:06 GMT) (full text, mbox, link).
Changed Bug title to 'cakephp: XML class SSRF vulnerability' from 'cakephp: Affected by multiple security issues'.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org
.
(Sun, 24 Jul 2016 05:57:07 GMT) (full text, mbox, link).
Marked as found in versions cakephp/1.3.2-1.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org
.
(Sun, 24 Jul 2016 05:57:08 GMT) (full text, mbox, link).
Marked as fixed in versions cakephp/1.3.2-1.1+deb6u11.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org
.
(Sun, 24 Jul 2016 05:57:09 GMT) (full text, mbox, link).
Reply sent
to Dmitry Smirnov <onlyjob@debian.org>
:
You have taken responsibility.
(Sun, 24 Jul 2016 08:27:16 GMT) (full text, mbox, link).
Message #25 received at 832283-done@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
[signature.asc (application/pgp-signature, inline)]
No longer marked as found in versions cakephp/2.8.3-1.
Request was from Bálint Réczey <balint@balintreczey.hu>
to control@bugs.debian.org
.
(Sun, 24 Jul 2016 08:39:03 GMT) (full text, mbox, link).
Marked as fixed in versions cakephp/1.3.15-1+deb7u1.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org
.
(Fri, 29 Jul 2016 06:18:04 GMT) (full text, mbox, link).
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org
.
(Mon, 05 Dec 2016 11:13:29 GMT) (full text, mbox, link).
Bug unarchived.
Request was from Don Armstrong <don@debian.org>
to control@bugs.debian.org
.
(Wed, 07 Dec 2016 01:51:48 GMT) (full text, mbox, link).
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org
.
(Sun, 16 Jul 2017 07:53:06 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.