Debian Bug report logs - #635937
TYPO3 Security Bulletin TYPO3-CORE-SA-2011-001: Multiple vulnerabilities in TYPO3 Core

version graph

Package: typo3-src; Maintainer for typo3-src is Christian Welzel <gawain@camlann.de>;

Reported by: Christian Welzel <gawain@camlann.de>

Date: Fri, 29 Jul 2011 17:12:01 UTC

Severity: critical

Tags: security

Found in version 4.2.5-1+lenny7

Fixed in versions typo3-src/4.5.4+dfsg1-1, typo3-src/4.2.5-1+lenny8, typo3-src/4.3.9+dfsg1-1+squeeze1

Done: Christian Welzel <gawain@camlann.de>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org:
Bug#635937; Package typo3-src. (Fri, 29 Jul 2011 17:12:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Christian Welzel <gawain@camlann.de>:
New Bug report received and forwarded.

Your message had a Version: pseudo-header with an invalid package version:

4.5.3+dfsg1-1, 4.3.9+dfsg1-1

please either use found or fixed to the control server with a correct version, or reply to this report indicating the correct version so the maintainer (or someone else) can correct it for you.

(Fri, 29 Jul 2011 17:12:04 GMT) Full text and rfc822 format available.


Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Christian Welzel <gawain@camlann.de>
To: submit@bugs.debian.org
Subject: TYPO3 Security Bulletin TYPO3-CORE-SA-2011-001: Multiple vulnerabilities in TYPO3 Core
Date: Fri, 29 Jul 2011 19:09:48 +0200
Package: typo3-src
Severity: critical
Tags: security
Version: 4.5.3+dfsg1-1, 4.3.9+dfsg1-1


Component Type: TYPO3 Core
Affected Versions: 4.3.11 and below, 4.4.8 and below, 4.5.3 and below
Vulnerability Types: Cross-Site Scripting (XSS), Information Disclosure,
Authentication Delay Bypass, Unserialize() vulnerability, Missing Access
Control
Overall Severity: High
Release Date: July 27, 2011


Vulnerable subcomponent #1: Frontend




Vulnerability Type: Cross-Site Scripting
Severity: High
Suggested CVSS v2.0: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C
Problem Description: Failing to properly sanitize URL parameters the
"JSwindow" property of the typolink function is susceptible to
Cross-Site Scripting. The problem does not exist if the third party
extension "realurl" is used and it's configuration parameter
"doNotRawUrlEncodeParameterNames" is set to FALSE (default).




Vulnerable subcomponent #2: Backend



Vulnerability Type: Information Disclosure
Severity: Low
Suggested CVSS v2.0: AV:N/AC:M/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C
Problem Description: For authentication attempts with wrong credentials,
TYPO3 sends different HTTP-Headers depending if provided username or
provided password is wrong.


Vulnerability Type: Authentication Delay Bypass
Severity: Low
Suggested CVSS v2.0: AV:N/AC:M/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C
Problem Description: The TYPO3 Backend login has a delay for
authentication attempts with wrong credentials. By using a crafted
request, an attacker is able to bypass the madantory delay in such cases.


Vulnerability Type: Cross-Site Scripting
Severity: Medium
Suggested CVSS v2.0: AV:N/AC:L/Au:S/C:N/I:P/A:N/E:U/RL:OF/RC:C
Problem Description: Failing to properly sanitize an username the admin
panel is susceptible to Cross-Site Scripting.


Vulnerability Type: Cross-Site Scripting
Severity: Medium
Suggested CVSS v2.0: AV:N/AC:H/Au:S/C:P/I:P/A:N/E:U/RL:OF/RC:C
Problem Description: Failing to properly sanitize a content element's
link attribute the browse_links wizard is susceptible to Cross-Site
Scripting. Exploiting requires an attacker to prepare a content element
and trick its victim to open the browse_links wizard for this record.


Vulnerability Type: Cross-Site Scripting
Severity: Medium
Suggested CVSS v2.0: AV:N/AC:H/Au:S/C:P/I:P/A:N/E:U/RL:OF/RC:C
Problem Description: Failing to properly sanitize a page title the
system extension recycler is susceptible to Cross-Site Scripting.
Exploiting requires an attacker to prepare a page and deleted page and
trick its victim to visit the recycler.


Vulnerability Type: Cross-Site Scripting
Severity: Medium
Suggested CVSS v2.0: AV:N/AC:H/Au:S/C:P/I:P/A:N/E:U/RL:OF/RC:C
Problem Description: Failing to properly sanitize a page title the
tcemain flash message is susceptible to Cross-Site Scripting. Exploiting
requires an attacker to prepare a page and trick its victim to copy/move
the prepared page.


Vulnerability Type: Information Disclosure
Severity: Medium
Suggested CVSS v2.0: AV:N/AC:L/Au:S/C:P/I:N/A:N/E:U/RL:OF/RC:C
Problem Description: A TYPO3 Backend user (editor) is able to see
workspace changes of records in any languages - even for those he hasn't
got granted access to.


Vulnerability Type: Information Disclosure
Severity: High
Suggested CVSS v2.0: AV:N/AC:L/Au:S/C:C/I:P/A:N/E:U/RL:OF/RC:C
Problem Description: Using "getText" feature on headlines of content
elements it is possible to retrieve arbitrary data from TYPO3 database.
The vulnerability results from an insecure configuration in
css_styled_content system extension.

Important Note: Having an adjusted fontTag property in the provided
TypoScript (e.g. lib.stdheader.10.1.fontTag) or depending on headlines
passed through fontTag might result in unexpected rendering results.
Headline rendering is now handled through dataWrap (e.g.
lib.stdheader.10.1.dataWrap). Make sure to check your TypoScript before
the update and check the wesite rendering after it!


Vulnerability Type: Unserialize() vulnerability
Severity: High
Suggested CVSS v2.0: AV:N/AC:M/Au:S/C:P/I:C/A:N/E:U/RL:OF/RC:C
Problem Description: Special user input of BE editors is treated as
serialized data and is deserialized by TYPO3. This allows BE editors to
delete any arbitrary file the webserver has access to.





Vulnerable subcomponent #3: Exposed API



Vulnerability Type: Cross-Site Scripting
Severity: Medium
Suggested CVSS v2.0: AV:N/AC:M/Au:N/C:P/I:P/A:N/E:U/RL:OF/RC:C
Problem Description: The RemoveXSS function fails to sanitize an attack
vector that works in Internet Explorer version 6.


Vulnerability Type: Missing Access Control
Severity: High
Suggested CVSS v2.0: AV:N/AC:M/Au:S/C:P/I:P/A:N/E:U/RL:OF/RC:C
Problem Description: ExtDirect endpoints are not associated with TYPO3
backend modules and such TYPO3 access control is not applied on
ExtDirect calls. This allows arbitrary BE users to consume any available
ExtDirect endpoint service.


-- 
 MfG, Christian Welzel

  GPG-Key:     http://www.camlann.de/de/pgpkey.html
  Fingerprint: 4F50 19BF 3346 36A6 CFA9 DBDC C268 6D24 70A1 AD15




Reply sent to Christian Welzel <gawain@camlann.de>:
You have taken responsibility. (Mon, 01 Aug 2011 22:06:07 GMT) Full text and rfc822 format available.

Notification sent to Christian Welzel <gawain@camlann.de>:
Bug acknowledged by developer. (Mon, 01 Aug 2011 22:06:07 GMT) Full text and rfc822 format available.

Message #10 received at 635937-close@bugs.debian.org (full text, mbox):

From: Christian Welzel <gawain@camlann.de>
To: 635937-close@bugs.debian.org
Subject: Bug#635937: fixed in typo3-src 4.5.4+dfsg1-1
Date: Mon, 01 Aug 2011 22:04:21 +0000
Source: typo3-src
Source-Version: 4.5.4+dfsg1-1

We believe that the bug you reported is fixed in the latest version of
typo3-src, which is due to be installed in the Debian FTP archive:

typo3-database_4.5.4+dfsg1-1_all.deb
  to main/t/typo3-src/typo3-database_4.5.4+dfsg1-1_all.deb
typo3-dummy_4.5.4+dfsg1-1_all.deb
  to main/t/typo3-src/typo3-dummy_4.5.4+dfsg1-1_all.deb
typo3-src-4.5_4.5.4+dfsg1-1_all.deb
  to main/t/typo3-src/typo3-src-4.5_4.5.4+dfsg1-1_all.deb
typo3-src_4.5.4+dfsg1-1.debian.tar.gz
  to main/t/typo3-src/typo3-src_4.5.4+dfsg1-1.debian.tar.gz
typo3-src_4.5.4+dfsg1-1.dsc
  to main/t/typo3-src/typo3-src_4.5.4+dfsg1-1.dsc
typo3-src_4.5.4+dfsg1.orig-dummy.tar.gz
  to main/t/typo3-src/typo3-src_4.5.4+dfsg1.orig-dummy.tar.gz
typo3-src_4.5.4+dfsg1.orig.tar.gz
  to main/t/typo3-src/typo3-src_4.5.4+dfsg1.orig.tar.gz
typo3_4.5.4+dfsg1-1_all.deb
  to main/t/typo3-src/typo3_4.5.4+dfsg1-1_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 635937@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Christian Welzel <gawain@camlann.de> (supplier of updated typo3-src package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 29 Jul 2011 20:00:00 +0100
Source: typo3-src
Binary: typo3-src-4.5 typo3-database typo3-dummy typo3
Architecture: source all
Version: 4.5.4+dfsg1-1
Distribution: unstable
Urgency: high
Maintainer: Christian Welzel <gawain@camlann.de>
Changed-By: Christian Welzel <gawain@camlann.de>
Description: 
 typo3      - The enterprise level open source WebCMS (Meta)
 typo3-database - TYPO3 - The enterprise level open source WebCMS (Database)
 typo3-dummy - web content management system
 typo3-src-4.5 - TYPO3 - The enterprise level open source WebCMS (Core)
Closes: 635937
Changes: 
 typo3-src (4.5.4+dfsg1-1) unstable; urgency=high
 .
   * New upstream release:
     - fixes: "TYPO3 Security Bulletin TYPO3-CORE-SA-2011-001: Multiple
       vulnerabilities in TYPO3 Core" (Closes: 635937)
   * Adopted patch 02-dummy-defaults.patch to new localconf.php.
   * Removed typo3-dummy.examples, because its empty now.
Checksums-Sha1: 
 5658629aed49a0e4cbc087001802cc2c9803c6dc 1661 typo3-src_4.5.4+dfsg1-1.dsc
 efef3befc7972e5c7d6cc0b7078db1febdfcd385 7672 typo3-src_4.5.4+dfsg1.orig-dummy.tar.gz
 0261508bbe4a047f47990e5dedd34d4bef26ba8c 20504107 typo3-src_4.5.4+dfsg1.orig.tar.gz
 484fa4e01e6cb1cdab28a6489fcbb250efc93aab 148076 typo3-src_4.5.4+dfsg1-1.debian.tar.gz
 1f7d17e4f57533abea67e35206e216ea7f5959a2 20185446 typo3-src-4.5_4.5.4+dfsg1-1_all.deb
 9b5e4785496288fe2807c7e1d402aaaa18f46b65 261690 typo3-database_4.5.4+dfsg1-1_all.deb
 603e50642ddf62779e4d5d03b5e058d33309017f 266654 typo3-dummy_4.5.4+dfsg1-1_all.deb
 cd24ffed431e3e0cf4a0e617ace25442817311c5 1250 typo3_4.5.4+dfsg1-1_all.deb
Checksums-Sha256: 
 99770ff18abc1be1c3647ee3348261569715da93074b75f0ead08f63a9f0bbf1 1661 typo3-src_4.5.4+dfsg1-1.dsc
 ef7345938bd9634599af57b55ab42dca4278db5e53ff0e534857018b792d81db 7672 typo3-src_4.5.4+dfsg1.orig-dummy.tar.gz
 e9f35848cac92dd8a8f9b37e41d39eea330a9526eabb702407ab95978a146154 20504107 typo3-src_4.5.4+dfsg1.orig.tar.gz
 61fe0731c4171bc7a99fcc1c1e0993cdac8887931ce3bac0a7372bd23ba83ce8 148076 typo3-src_4.5.4+dfsg1-1.debian.tar.gz
 6908fc9f0b55fb6b297ede70c5cb0ff3e1118f0b88e2dfa1da1f14a650aa3e33 20185446 typo3-src-4.5_4.5.4+dfsg1-1_all.deb
 9c9f6ff72ff9554dc4a67d23e74001000a5af93c28ac033c37f2a8640de11da0 261690 typo3-database_4.5.4+dfsg1-1_all.deb
 8bcf459b743cb8181c19baab37f6de6a09752e9fbb868c66f17b51cab4c86d93 266654 typo3-dummy_4.5.4+dfsg1-1_all.deb
 8e45c23bb98b2af96ae2fc30a673bca95310b6701c4c1967c3ec102f013cecd8 1250 typo3_4.5.4+dfsg1-1_all.deb
Files: 
 9000c120bdec2998d16283d0912282d8 1661 web optional typo3-src_4.5.4+dfsg1-1.dsc
 bbd31f348a88dd4af7e48221971d4f47 7672 web optional typo3-src_4.5.4+dfsg1.orig-dummy.tar.gz
 723d9a76b662526dfa7a1857abe58f44 20504107 web optional typo3-src_4.5.4+dfsg1.orig.tar.gz
 c39f2eb025bfd7d440fc919b10fdcd18 148076 web optional typo3-src_4.5.4+dfsg1-1.debian.tar.gz
 13b747f78d59871bc7986f9c3b403c43 20185446 web optional typo3-src-4.5_4.5.4+dfsg1-1_all.deb
 990710997cf978ca7c7bba8e67b99d0a 261690 web optional typo3-database_4.5.4+dfsg1-1_all.deb
 da3f95846d0cb2291231d2fd510ed901 266654 web optional typo3-dummy_4.5.4+dfsg1-1_all.deb
 f62e40c0ac717335bccc3d97ab70fcbf 1250 web optional typo3_4.5.4+dfsg1-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iQEcBAEBAgAGBQJONyMVAAoJEL97/wQC1SS+XvUIAJgqGU3qltil49xj/AyAlv39
E1MBnHAdqmG4w+vTPgb1cSW5pqj/DH/lcZIWczrE68ft2pCB8OwynDvhSysNBqFD
7F8wXj3xdpU4mZk8QaH2YP9NoRXzXZeOD7H6n3q/UECS24XTMMBRNhMvKSNoWMk+
tp6cS0a3CIgWe/z+zkmtXrV42C9lpZQEVLYm5oprQG9GRQi9KC7QSal72YVdI9zb
qwZY2FMqnZR+Lyr8ddYySZB/xsz6veo1Q/sIZsjZ3lbiSkmI63fKms8Rvrz6pCZH
OTYUKdCMP1awKFmylqrhekYhws7pBKlgjoUHjiELhwLE//R53/uGjj4UEZI/XfE=
=llUs
-----END PGP SIGNATURE-----





Bug Marked as found in versions 4.2.5-1+lenny7. Request was from Holger Levsen <holger@layer-acht.org> to control@bugs.debian.org. (Fri, 05 Aug 2011 15:33:05 GMT) Full text and rfc822 format available.

Reply sent to Christian Welzel <gawain@camlann.de>:
You have taken responsibility. (Mon, 08 Aug 2011 01:57:03 GMT) Full text and rfc822 format available.

Notification sent to Christian Welzel <gawain@camlann.de>:
Bug acknowledged by developer. (Mon, 08 Aug 2011 01:57:03 GMT) Full text and rfc822 format available.

Message #17 received at 635937-close@bugs.debian.org (full text, mbox):

From: Christian Welzel <gawain@camlann.de>
To: 635937-close@bugs.debian.org
Subject: Bug#635937: fixed in typo3-src 4.2.5-1+lenny8
Date: Mon, 08 Aug 2011 01:52:55 +0000
Source: typo3-src
Source-Version: 4.2.5-1+lenny8

We believe that the bug you reported is fixed in the latest version of
typo3-src, which is due to be installed in the Debian FTP archive:

typo3-src-4.2_4.2.5-1+lenny8_all.deb
  to main/t/typo3-src/typo3-src-4.2_4.2.5-1+lenny8_all.deb
typo3-src_4.2.5-1+lenny8.diff.gz
  to main/t/typo3-src/typo3-src_4.2.5-1+lenny8.diff.gz
typo3-src_4.2.5-1+lenny8.dsc
  to main/t/typo3-src/typo3-src_4.2.5-1+lenny8.dsc
typo3_4.2.5-1+lenny8_all.deb
  to main/t/typo3-src/typo3_4.2.5-1+lenny8_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 635937@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Christian Welzel <gawain@camlann.de> (supplier of updated typo3-src package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 05 Aug 2011 15:30:56 +0000
Source: typo3-src
Binary: typo3 typo3-src-4.2
Architecture: source all
Version: 4.2.5-1+lenny8
Distribution: oldstable-security
Urgency: high
Maintainer: Christian Welzel <gawain@camlann.de>
Changed-By: Christian Welzel <gawain@camlann.de>
Description: 
 typo3      - Powerful content management framework (Meta package)
 typo3-src-4.2 - Powerful content management framework (Core)
Closes: 635937
Changes: 
 typo3-src (4.2.5-1+lenny8) oldstable-security; urgency=high
 .
   [ Christian Welzel ]
   * Security patch from new upstream release 4.3.12
     - fixes: "TYPO3 Security Bulletin TYPO3-CORE-SA-2011-001: Multiple
       vulnerabilities in TYPO3 Core" (Closes: 635937)
Checksums-Sha1: 
 caf4cf6131a2a8a7b687a1ecfd8626b6cebcdaed 1009 typo3-src_4.2.5-1+lenny8.dsc
 e9fef50fa5d39828963b8d0344a0863686883448 160648 typo3-src_4.2.5-1+lenny8.diff.gz
 0bac30b4bfb6e2c5d6d8faddce683d649030fa03 134250 typo3_4.2.5-1+lenny8_all.deb
 5c4583cad3fb61c42ad19b72089eeaa0de66bc58 8189466 typo3-src-4.2_4.2.5-1+lenny8_all.deb
Checksums-Sha256: 
 89b3efa2d36b7615fa8a0c9cc51dab6b4593c8c5d60f34ac4a333b6cd146b401 1009 typo3-src_4.2.5-1+lenny8.dsc
 3390e8a26ccd83798600dd967fae8aa753015a42e825b6cebdb4cdf075419949 160648 typo3-src_4.2.5-1+lenny8.diff.gz
 a7804badf046a5e585e6b6c30bdf17a8832381d33475aecebf596b25d8643049 134250 typo3_4.2.5-1+lenny8_all.deb
 9a7cf7374225f68a218cfe91cecb2851b241d11e851faad3c75bc0aa2792d8b7 8189466 typo3-src-4.2_4.2.5-1+lenny8_all.deb
Files: 
 7fc1563d9f1f28a4c56377d9c5a49828 1009 web optional typo3-src_4.2.5-1+lenny8.dsc
 2ae0aebc38cad0b4f7314c3809f27af9 160648 web optional typo3-src_4.2.5-1+lenny8.diff.gz
 cf2797158c87ac5a1903a6d38075caa9 134250 web optional typo3_4.2.5-1+lenny8_all.deb
 4dfbb3ec453c0c7c963cc1952e002629 8189466 web optional typo3-src-4.2_4.2.5-1+lenny8_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iD8DBQFOPA2OUHLQNqxYNSARAoeSAJ0aO2e+B3att6+A/Jps2l13dcoAhgCghNbx
bSaL2OPue+HPE6i5uYhkKn8=
=kqc9
-----END PGP SIGNATURE-----





Reply sent to Christian Welzel <gawain@camlann.de>:
You have taken responsibility. (Mon, 08 Aug 2011 01:57:05 GMT) Full text and rfc822 format available.

Notification sent to Christian Welzel <gawain@camlann.de>:
Bug acknowledged by developer. (Mon, 08 Aug 2011 01:57:06 GMT) Full text and rfc822 format available.

Message #22 received at 635937-close@bugs.debian.org (full text, mbox):

From: Christian Welzel <gawain@camlann.de>
To: 635937-close@bugs.debian.org
Subject: Bug#635937: fixed in typo3-src 4.3.9+dfsg1-1+squeeze1
Date: Mon, 08 Aug 2011 01:52:58 +0000
Source: typo3-src
Source-Version: 4.3.9+dfsg1-1+squeeze1

We believe that the bug you reported is fixed in the latest version of
typo3-src, which is due to be installed in the Debian FTP archive:

typo3-database_4.3.9+dfsg1-1+squeeze1_all.deb
  to main/t/typo3-src/typo3-database_4.3.9+dfsg1-1+squeeze1_all.deb
typo3-src-4.3_4.3.9+dfsg1-1+squeeze1_all.deb
  to main/t/typo3-src/typo3-src-4.3_4.3.9+dfsg1-1+squeeze1_all.deb
typo3-src_4.3.9+dfsg1-1+squeeze1.debian.tar.gz
  to main/t/typo3-src/typo3-src_4.3.9+dfsg1-1+squeeze1.debian.tar.gz
typo3-src_4.3.9+dfsg1-1+squeeze1.dsc
  to main/t/typo3-src/typo3-src_4.3.9+dfsg1-1+squeeze1.dsc
typo3_4.3.9+dfsg1-1+squeeze1_all.deb
  to main/t/typo3-src/typo3_4.3.9+dfsg1-1+squeeze1_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 635937@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Christian Welzel <gawain@camlann.de> (supplier of updated typo3-src package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 29 Jul 2011 22:00:00 +0100
Source: typo3-src
Binary: typo3-src-4.3 typo3-database typo3
Architecture: source all
Version: 4.3.9+dfsg1-1+squeeze1
Distribution: squeeze-security
Urgency: high
Maintainer: Christian Welzel <gawain@camlann.de>
Changed-By: Christian Welzel <gawain@camlann.de>
Description: 
 typo3      - The enterprise level open source WebCMS (Meta)
 typo3-database - TYPO3 - The enterprise level open source WebCMS (Database)
 typo3-src-4.3 - TYPO3 - The enterprise level open source WebCMS (Core)
Closes: 635937
Changes: 
 typo3-src (4.3.9+dfsg1-1+squeeze1) squeeze-security; urgency=high
 .
   * Security patch from new upstream release 4.3.12:
     - fixes: "TYPO3 Security Bulletin TYPO3-CORE-SA-2011-001: Multiple
       vulnerabilities in TYPO3 Core" (Closes: 635937)
Checksums-Sha1: 
 fdfb984713c423d51f05d77e1e74041455cab768 1399 typo3-src_4.3.9+dfsg1-1+squeeze1.dsc
 e9877097e48875ee0313c109a5b810b6c2837af5 11503840 typo3-src_4.3.9+dfsg1.orig.tar.gz
 b65c60053e3b5dc46a252d1e4b9da79943202031 128827 typo3-src_4.3.9+dfsg1-1+squeeze1.debian.tar.gz
 28c5660d2c2d519c8288bdb5390ea9645ba5c5b8 11288306 typo3-src-4.3_4.3.9+dfsg1-1+squeeze1_all.deb
 97b5f25328892b12c64361af42d42775dfc678fb 201320 typo3-database_4.3.9+dfsg1-1+squeeze1_all.deb
 5daf27c2048c9562e6fb8d94c55f2aaea12ae42b 1258 typo3_4.3.9+dfsg1-1+squeeze1_all.deb
Checksums-Sha256: 
 be3506b2fbb75d0cc81e5f1f9243f502b10fb5a477d9fbb3015d1147e534ff2d 1399 typo3-src_4.3.9+dfsg1-1+squeeze1.dsc
 5886c1df5e2cabdc6f8fdc7759cf7f2b7bd8588cacc17538c50521bad1768ed1 11503840 typo3-src_4.3.9+dfsg1.orig.tar.gz
 4b397e85769d279eb7ba533326dcd0a894eaf7860eed5329e2bdadabcb20b02e 128827 typo3-src_4.3.9+dfsg1-1+squeeze1.debian.tar.gz
 2cd0952781b34af70fe9cfeec1d9a90468c36f9a8e14a821734dc5227b257900 11288306 typo3-src-4.3_4.3.9+dfsg1-1+squeeze1_all.deb
 cd058e2ad02ce7e6656422821b3a10d9a8398a9c2104177a047057e07dd7a187 201320 typo3-database_4.3.9+dfsg1-1+squeeze1_all.deb
 79b9aeb7af384f05b854411063fae2dcb0f3e11b6f4417cc4d36390caf7ca139 1258 typo3_4.3.9+dfsg1-1+squeeze1_all.deb
Files: 
 5c1fab0f9115289bbfce43b64f06630c 1399 web optional typo3-src_4.3.9+dfsg1-1+squeeze1.dsc
 2cb58c27d8bf8ed19c5a5876bdf02208 11503840 web optional typo3-src_4.3.9+dfsg1.orig.tar.gz
 bb5958c8c6710c34fd9dbe70885b8182 128827 web optional typo3-src_4.3.9+dfsg1-1+squeeze1.debian.tar.gz
 10ae445e8bc155208cbb3a74671f98ed 11288306 web optional typo3-src-4.3_4.3.9+dfsg1-1+squeeze1_all.deb
 aad4db1443c634db43a250e6486729b5 201320 web optional typo3-database_4.3.9+dfsg1-1+squeeze1_all.deb
 34615d48116069dbd7957b727cccb3c4 1258 web optional typo3_4.3.9+dfsg1-1+squeeze1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iQEcBAEBAgAGBQJONqvTAAoJEL97/wQC1SS+i/AH/1HXROSjwGzkM0MGmbZndnc2
MuyzCUQoWgBaKZMvHsGRxiv+re6AJVb9GHPCo9W/160CrRZDjmAA24LMpU4gAIml
mQa3Ywy2X1ijrW1yuzt9qF2czZsGJzmmhV1or3Bw1O7HgFKZpxCiUjChNXft4AOh
BFboqQueCUJECdZi5ahqds/oLyzFTQ+TtYx64r1bGxGV0Mdii9ufUKZvpVWCGyjw
2ll06uSny64g45VNUyGTCliXJpjsKK1UeXyU6JW6D0zN8F3ZtrdYEMzQWliYqNoA
olgpZIh2YPPb/OnR+heJvRW+oh3bz5nl+0U2SZCL9AtLfVvZcLX09hCtu4dYfJw=
=rlNH
-----END PGP SIGNATURE-----





Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Mon, 05 Sep 2011 07:36:19 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Fri Apr 25 07:49:47 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.