Bug#555235: [patch] re: ebug-http: CVE-2007-2383 and CVE-2008-7720 prototypejs vulnerabilities

Mon, 12 Apr 2010 01:33:20 -0700 

Tags: patch

Hi,

 I've made a simple patch for this issue.
 Please review and apply it.


-- 
Regards,

 Hideki Yamane     henrich @ debian.or.jp/iijmio-mail.jp
 http://wiki.debian.org/HidekiYamane

diff -u ebug-http-0.31/debian/changelog ebug-http-0.31/debian/changelog
--- ebug-http-0.31/debian/changelog
+++ ebug-http-0.31/debian/changelog
@@ -1,3 +1,11 @@
+ebug-http (0.31-2.1) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * fix CVE-2007-2383 and CVE-2008-7720 prototypejs vulnerabilities by
+    using libjs-prototype (Closes: #555235) 
+
+ -- Hideki Yamane (Debian-JP) <henr...@debian.or.jp>  Mon, 12 Apr 2010 13:12:53 +0900
+
 ebug-http (0.31-2) unstable; urgency=low
 
   * Now maintained with Subversion on collab-maint.alioth.debian.org
diff -u ebug-http-0.31/debian/control ebug-http-0.31/debian/control
--- ebug-http-0.31/debian/control
+++ ebug-http-0.31/debian/control
@@ -2,7 +2,9 @@
 Section: perl
 Priority: optional
 Build-Depends: debhelper (>= 5.0.0), cdbs, patchutils
-Build-Depends-Indep: perl (>= 5.8.8-7), libdevel-ebug-perl, libcatalyst-perl, libcatalyst-modules-perl, libhtml-prototype-perl, libpath-class-perl, libppi-perl, libppi-html-perl, libtest-expect-perl
+Build-Depends-Indep: perl (>= 5.8.8-7), libdevel-ebug-perl, libcatalyst-perl, 
+ libcatalyst-modules-perl, libhtml-prototype-perl, libpath-class-perl, libppi-perl, 
+ libppi-html-perl, libtest-expect-perl
 Maintainer: Peter Makholm <pe...@makholm.net>
 Standards-Version: 3.7.3
 Vcs-Svn: svn://svn.debian.org/collab-maint/deb-maint/ebug-http/trunk
@@ -11,7 +13,9 @@
 
 Package: ebug-http
 Architecture: all
-Depends: ${perl:Depends}, ${misc:Depends}, libdevel-ebug-perl, libcatalyst-perl, libcatalyst-modules-perl, libhtml-prototype-perl, libpath-class-perl, libppi-perl, libppi-html-perl
+Depends: ${perl:Depends}, ${misc:Depends}, libdevel-ebug-perl, libcatalyst-perl, 
+ libcatalyst-modules-perl, libhtml-prototype-perl, libpath-class-perl, libppi-perl, 
+ libppi-html-perl, libjs-prototype
 Description: web front end to a simple, extensible Perl debugger
  Devel::ebug is a simple, extensible Perl debugger with a clean API. Using this
  module, you may easily write a Perl debugger to debug your programs.
only in patch2:
unchanged:
--- ebug-http-0.31.orig/debian/ebug-http.links
+++ ebug-http-0.31/debian/ebug-http.links
@@ -0,0 +1 @@
+usr/share/javascript/prototype/prototype.js	usr/share/perl5/Devel/ebug/HTTP/root/prototype.js

Attachment: pgpfrCtTXRymC.pgp
Description: PGP signature

Reply via email to