From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <qa@granary.localdomain>
Date: Tue, 3 Aug 2010 01:38:37 +0000
From: QA Team Robot <qa@altlinux.org>
To: sisyphus-cybertalk@lists.altlinux.org
Message-ID: <20100803013837.GA2012@granary.armor.altlinux.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Subject: [cyber] I: 5.1/branch packages: +1! +2 (9613)
X-BeenThere: sisyphus-cybertalk@lists.altlinux.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: devel@lists.altlinux.org
List-Id: ALT Linux Sisyphus cybertalk <sisyphus-cybertalk.lists.altlinux.org>
List-Unsubscribe: <https://lists.altlinux.org/mailman/options/sisyphus-cybertalk>,
	<mailto:sisyphus-cybertalk-request@lists.altlinux.org?subject=unsubscribe>
List-Archive: <http://lists.altlinux.org/pipermail/sisyphus-cybertalk>
List-Post: <mailto:sisyphus-cybertalk@lists.altlinux.org>
List-Help: <mailto:sisyphus-cybertalk-request@lists.altlinux.org?subject=help>
List-Subscribe: <https://lists.altlinux.org/mailman/listinfo/sisyphus-cybertalk>,
	<mailto:sisyphus-cybertalk-request@lists.altlinux.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Aug 2010 01:38:38 -0000
Archived-At: <http://lore.altlinux.org/sisyphus-cybertalk/20100803013837.GA2012@granary.armor.altlinux.org/>
List-Archive: <http://lore.altlinux.org/sisyphus-cybertalk/>

	1 ADDED package

wildmidi - WildMidi Open Source Midi Sequencer
* Mon Aug 02 2010 Motsyo Gennadi <drool@altlinux> 0.2.3.3-alt0.M51.2
- fix build for /etc/timidity.cfg
* Mon Aug 02 2010 Motsyo Gennadi <drool@altlinux> 0.2.3.3-alt0.M51.1
- build for M51
* Wed Jul 14 2010 Fr. Br. George <george@altlinux> 0.2.3.3-alt1

	2 UPDATED packages

typo3-dummy - Dummy site for TYPO3
* Sun Aug 01 2010 Michael Shigorin <mike@altlinux> 4.3.4-alt1
- 4.3.4
* Tue Feb 23 2010 Michael Shigorin <mike@altlinux> 4.3.2-alt1
- 4.3.2
* Thu Jan 14 2010 Michael Shigorin <mike@altlinux> 4.3.1-alt1
- 4.3.1
* Mon Nov 30 2009 Michael Shigorin <mike@altlinux> 4.3.0-alt1
- 4.3.0
* Sun Oct 25 2009 Michael Shigorin <mike@altlinux> 4.2.10-alt1

typo3_src - A free, feature rich, Content Management Framework/System	[12M]
* Sun Aug 01 2010 Michael Shigorin <mike@altlinux> 4.3.4-alt1
- 4.3.4: major/medium security fixes:
  + several XSS in backend (valid backend login required)
  + open redirection in backend (valid backend login required)
  + SQL injection in some backend record editing forms
    (special backend login/configuration required)
  + arbitrary code execution depending on server configuration
    (valid backend login required to upload .phtml)
  + webroot path disclosure possible with defective extensions
  + Extension Manager: XSS and arbitrary file access
    (valid backend admin login required)
  + user auth, "forgot password": PHP insecure randomness
  + form content element data check failure (spam abuse)
  + header injection with jumpurl feature
  + frontend login box: open redirection, XSS
  + install tool: session fixation
  + extbase XSS possible with FLUID Templating Engine
  + t3lib_htmlmail includes the exact CMS version in headers
* Tue Feb 23 2010 Michael Shigorin <mike@altlinux> 4.3.2-alt1
- 4.3.2: major/medium security fixes (no CVE so far)
  + frontend login: possible auth bypass using a hash
    *if* "saltedpasswords" is enabled
    *and* several auth services are configured
  + frontend: possible CSS if running on php-cgi
  + backend: possible XSSes (valid backend login required)
  + backend: information disclosure with specific
    sys_action setup (valid backend login required)
  + https://typo3.org/teams/security/security-bulletins/typo3-sa-2010-004/
* Thu Jan 14 2010 Michael Shigorin <mike@altlinux> 4.3.1-alt1
- 4.3.1: major security fix for "openid" system extension
  (possible backend user authentication bypass if it's enabled):
  http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-001/
* Sun Dec 13 2009 Michael Shigorin <mike@altlinux> 4.3.0-alt2
- gzip ChangeLog (repocop)
* Mon Nov 30 2009 Michael Shigorin <mike@altlinux> 4.3.0-alt1
- 4.3.0: new and improved series, see also
  https://typo3.org/download/release-notes/typo3-43/
- /usr/share/typo3_src-$major.$minor symlink to ease deployment
  and upgrade throughout patchlevel series
* Sun Oct 25 2009 Michael Shigorin <mike@altlinux> 4.2.10-alt1

Total 9613 source packages.