-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Wed, 23 Feb 2011 02:17:33 +0800 Source: dtc Binary: dtc-common dtc-core dtc-cyrus dtc-postfix-courier dtc-stats-daemon dtc-toaster Architecture: source all Version: 0.29.17-1+lenny1 Distribution: lenny-security Urgency: low Maintainer: Thomas Goirand Changed-By: Thomas Goirand Description: dtc-common - web control panel for admin and accounting hosting services (comm dtc-core - web control panel for admin and accounting hosting services (fewe dtc-cyrus - web control panel for admin and accounting hosting services (cyru dtc-postfix-courier - web control panel for admin and accounting hosting services (more dtc-stats-daemon - dtc-xen VM statistics for the dtc web control panel dtc-toaster - web control panel for admin and accounting hosting services (meta Closes: 614302 Changes: dtc (0.29.17-1+lenny1) lenny-security; urgency=low . * Fixes: CVE-2011-0434: SQL injection in bw_per_month.php graph * Fixes: CVE-2011-0435: Bandwidth information disclosure in bw_per_month.php graph. * Fixes: CVE-2011-0436: Passwords being emailed to the admin in clear text (Closes: #614302). * Fixes: CVE-2011-0437: Removed dangerous SQL old unused code for ssh accounts management. Checksums-Sha1: fa6ae9ca49bcf70f27397cf4b37ace0779f8aff7 1542 dtc_0.29.17-1+lenny1.dsc a4dea72f0586776160994ad12233fc02c121c3d5 11064929 dtc_0.29.17.orig.tar.gz 4fabd2c27d20548f15bcc48cbf2137ba46c5b450 84014 dtc_0.29.17-1+lenny1.diff.gz 75f9ed1a1bc5de2c0998dec1f32a66ba49319c3f 5012906 dtc-common_0.29.17-1+lenny1_all.deb b3b22fea0ddc3087647517517d8bd702d6980f4a 69800 dtc-core_0.29.17-1+lenny1_all.deb 05c435c7242ab204839b0df79d8445867a791229 69920 dtc-cyrus_0.29.17-1+lenny1_all.deb c39d5b5cfd200bcd7c02d7010b721f98450099a4 71442 dtc-postfix-courier_0.29.17-1+lenny1_all.deb 71907f23cb5a69ba600dba6239222218ab2bcf11 30630 dtc-stats-daemon_0.29.17-1+lenny1_all.deb 1e5da94d07d0c5f99ea6cb012ab6ef6f46a9fc7e 25226 dtc-toaster_0.29.17-1+lenny1_all.deb Checksums-Sha256: aba0d22b2178aac8e7e1dbb95579b181285b0504470435680caa1f05b2aac30f 1542 dtc_0.29.17-1+lenny1.dsc 8a6f3ca68ee4f15f6deaa98e3ae65986d7fab077fa908d88833196fd80efe1eb 11064929 dtc_0.29.17.orig.tar.gz b772dde3ff2b522963ca02ad9c51283fc54a0b05ed99150dfc3f6cc203ef00a4 84014 dtc_0.29.17-1+lenny1.diff.gz 4b1f556577b7ac26596296daa9f54ded460225595d7264b2acf5a797ae632179 5012906 dtc-common_0.29.17-1+lenny1_all.deb 5118c8fb6668e676c917291d229b4a255548b1abcc0e07f1a3c2a41a29cd4fd1 69800 dtc-core_0.29.17-1+lenny1_all.deb 31c9b3ca20cea964937c10c7377e57da8e8fd99f584a0b96ecf9f95881027799 69920 dtc-cyrus_0.29.17-1+lenny1_all.deb a9ac8fa2411196b615c115f0aa6a3a5ee305de42680e80a3800c07737f643ee6 71442 dtc-postfix-courier_0.29.17-1+lenny1_all.deb c7c753da6a041b1c5c92fc38cdf0cf8501436d221abd046b65ca5c6e51c8dbc8 30630 dtc-stats-daemon_0.29.17-1+lenny1_all.deb 7e68348918111a1c9e91ff4785ebc6e85a2a89ca20238c7cb94284790c0ad2bf 25226 dtc-toaster_0.29.17-1+lenny1_all.deb Files: 276c9ca22aa2beaa43d8bf5703b57524 1542 admin extra dtc_0.29.17-1+lenny1.dsc 49d9991bdb46bceff8d2ea84896097eb 11064929 admin extra dtc_0.29.17.orig.tar.gz 3cdea33b2c72fbfd541e4447b71dbb67 84014 admin extra dtc_0.29.17-1+lenny1.diff.gz 3d103ffaa55e597ddba8f2374596d842 5012906 admin extra dtc-common_0.29.17-1+lenny1_all.deb 1a6d2ff3f3885d5fccb9e1e35515c1d9 69800 admin extra dtc-core_0.29.17-1+lenny1_all.deb 116cfb38f5fc02c94fc060aea17ed2a6 69920 admin extra dtc-cyrus_0.29.17-1+lenny1_all.deb b21856fa38e043e82480c479388070b0 71442 admin extra dtc-postfix-courier_0.29.17-1+lenny1_all.deb e4935159ee798325e601f98b89571474 30630 admin extra dtc-stats-daemon_0.29.17-1+lenny1_all.deb d3fca954b63dff3b12d9086eb58c6137 25226 admin extra dtc-toaster_0.29.17-1+lenny1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iQEcBAEBAgAGBQJNbqlxAAoJEL97/wQC1SS+twkH/3kqN9DGBFHQwtk2kpaSrqOv v5JQU9DQnK20vK593xThbuPIwPhDOQdsvTNEobycT4cxmTEOeuAPGjc9kc2oJyQj iOgYJSbXIgiaeDivjXW7YSjjbZPw/4QLfCrlu4hO12aUJ8IpUZ1qPoA1qoIWxjXt Cb2v88k4jq3HGKxjLDP/bgaGg2TFnXyEL3JV5TiHYCZxI+4eZjXWQ6TfzsLcMqXx ikjWhwssuIZIK0UCLrfQy+XpGPv48fgBv7Dtt9bS6AGRX9h1m3dSEfPa6S5CBB3h 06VC1d81F1uSlp8iVwbV2PMf7uWpSMmLKkop8ZopDSaLwZE5iyMWzLK5tGjknuk= =8ljl -----END PGP SIGNATURE-----