[cyber] I: 5.1/branch packages: +1! +2 (9613)

[cyber] I: 5.1/branch packages: +1! +2 (9613)

[QA Team Robot]

	1 ADDED package

wildmidi - WildMidi Open Source Midi Sequencer
* Mon Aug 02 2010 Motsyo Gennadi <drool@altlinux> 0.2.3.3-alt0.M51.2
- fix build for /etc/timidity.cfg
* Mon Aug 02 2010 Motsyo Gennadi <drool@altlinux> 0.2.3.3-alt0.M51.1
- build for M51
* Wed Jul 14 2010 Fr. Br. George <george@altlinux> 0.2.3.3-alt1

	2 UPDATED packages

typo3-dummy - Dummy site for TYPO3
* Sun Aug 01 2010 Michael Shigorin <mike@altlinux> 4.3.4-alt1
- 4.3.4
* Tue Feb 23 2010 Michael Shigorin <mike@altlinux> 4.3.2-alt1
- 4.3.2
* Thu Jan 14 2010 Michael Shigorin <mike@altlinux> 4.3.1-alt1
- 4.3.1
* Mon Nov 30 2009 Michael Shigorin <mike@altlinux> 4.3.0-alt1
- 4.3.0
* Sun Oct 25 2009 Michael Shigorin <mike@altlinux> 4.2.10-alt1

typo3_src - A free, feature rich, Content Management Framework/System	[12M]
* Sun Aug 01 2010 Michael Shigorin <mike@altlinux> 4.3.4-alt1
- 4.3.4: major/medium security fixes:
  + several XSS in backend (valid backend login required)
  + open redirection in backend (valid backend login required)
  + SQL injection in some backend record editing forms
    (special backend login/configuration required)
  + arbitrary code execution depending on server configuration
    (valid backend login required to upload .phtml)
  + webroot path disclosure possible with defective extensions
  + Extension Manager: XSS and arbitrary file access
    (valid backend admin login required)
  + user auth, "forgot password": PHP insecure randomness
  + form content element data check failure (spam abuse)
  + header injection with jumpurl feature
  + frontend login box: open redirection, XSS
  + install tool: session fixation
  + extbase XSS possible with FLUID Templating Engine
  + t3lib_htmlmail includes the exact CMS version in headers
* Tue Feb 23 2010 Michael Shigorin <mike@altlinux> 4.3.2-alt1
- 4.3.2: major/medium security fixes (no CVE so far)
  + frontend login: possible auth bypass using a hash
    *if* "saltedpasswords" is enabled
    *and* several auth services are configured
  + frontend: possible CSS if running on php-cgi
  + backend: possible XSSes (valid backend login required)
  + backend: information disclosure with specific
    sys_action setup (valid backend login required)
  + https://typo3.org/teams/security/security-bulletins/typo3-sa-2010-004/
* Thu Jan 14 2010 Michael Shigorin <mike@altlinux> 4.3.1-alt1
- 4.3.1: major security fix for "openid" system extension
  (possible backend user authentication bypass if it's enabled):
  http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-001/
* Sun Dec 13 2009 Michael Shigorin <mike@altlinux> 4.3.0-alt2
- gzip ChangeLog (repocop)
* Mon Nov 30 2009 Michael Shigorin <mike@altlinux> 4.3.0-alt1
- 4.3.0: new and improved series, see also
  https://typo3.org/download/release-notes/typo3-43/
- /usr/share/typo3_src-$major.$minor symlink to ease deployment
  and upgrade throughout patchlevel series
* Sun Oct 25 2009 Michael Shigorin <mike@altlinux> 4.2.10-alt1

Total 9613 source packages.