Bug#1038153: bullseye-pu: package spip/3.2.11-3+deb11u8

To: David Prévot <taffit@debian.org>, 1038153@bugs.debian.org
Subject: Bug#1038153: bullseye-pu: package spip/3.2.11-3+deb11u8
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Sat, 17 Jun 2023 18:44:54 +0100
Message-id: <[🔎] 69e11d811755bee157c31e1998f529b2a72477c2.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 1038153@bugs.debian.org
In-reply-to: <[🔎] ZIwBtjtXV27D9OQM@persil.tilapin.org>
References: <[🔎] ZIwBtjtXV27D9OQM@persil.tilapin.org> <[🔎] ZIwBtjtXV27D9OQM@persil.tilapin.org>

Control: tags 1 + confirmed

On Fri, 2023-06-16 at 08:31 +0200, David Prévot wrote:
> SPIP has been updated upstream to fix some security issues (link to
> the
> French-only announcement follows), and we agreed with the security
> team
> that they don’t warrant a DSA this time.
> 
> https://blog.spip.net/Mise-a-jour-de-maintenance-et-securite-sortie-de-SPIP-4-2-3-SPIP-4-1-10.html
> 
> The main backported fix is the one that limits recursion depth in
> protege_champ() function.
> 

Please go ahead.

Regards,

Adam

Reply to:

References:
- Bug#1038153: bullseye-pu: package spip/3.2.11-3+deb11u8
  - From: David Prévot <taffit@debian.org>

Prev by Date: Processed: Re: Bug#1037187: bullseye-pu: package libprelude/5.2.0-3+deb11u1
Next by Date: Bug#1036975: bullseye-pu: package node-url-parse/1.5.3-1+deb11u2
Previous by thread: Processed: bullseye-pu: package spip/3.2.11-3+deb11u8
Next by thread: Bug#1038153: spip 3.2.11-3+deb11u8 flagged for acceptance
Index(es):
- Date
- Thread