Debian Bug report logs - #683418
[Debian RT] CVE-2012-4000: XSS vulnerability in fckeditor

version graph

Package: fckeditor; Maintainer for fckeditor is Frank Habermann <lordlamer@lordlamer.de>; Source for fckeditor is src:fckeditor.

Reported by: Yves-Alexis Perez <corsac@debian.org>

Date: Tue, 31 Jul 2012 17:33:06 UTC

Severity: important

Fixed in versions fckeditor/1:2.6.6-3, fckeditor/1:2.6.6-1squeeze1

Done: Frank Habermann <lordlamer@lordlamer.de>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, security@rt.debian.org, Frank Habermann <lordlamer@lordlamer.de>:
Bug#683418; Package fckeditor. (Tue, 31 Jul 2012 17:33:08 GMT) Full text and rfc822 format available.

Acknowledgement sent to Yves-Alexis Perez <corsac@debian.org>:
New Bug report received and forwarded. Copy sent to security@rt.debian.org, Frank Habermann <lordlamer@lordlamer.de>. (Tue, 31 Jul 2012 17:33:08 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Yves-Alexis Perez <corsac@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: [Debian RT] CVE-2012-4000: XSS vulnerability in fckeditor
Date: Tue, 31 Jul 2012 19:32:35 +0200
Package: fckeditor
Severity: important

Hi,

an XSS vulnerability was found in fckeditor before 2.6.7. Please try to
fix the problem using an isolated fix since we are in freeze.

More info can be found at
http://disse.cting.org/2012/06/22/fckeditor-reflected-xss-vulnerability/

Regards,
-- 
Yves-Alexis

-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-3-grsec-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash



Information forwarded to debian-bugs-dist@lists.debian.org, Frank Habermann <lordlamer@lordlamer.de>:
Bug#683418; Package fckeditor. (Tue, 31 Jul 2012 20:03:05 GMT) Full text and rfc822 format available.

Acknowledgement sent to Yves-Alexis Perez <corsac@debian.org>:
Extra info received and forwarded to list. Copy sent to Frank Habermann <lordlamer@lordlamer.de>. (Tue, 31 Jul 2012 20:03:05 GMT) Full text and rfc822 format available.

Message #10 received at 683418@bugs.debian.org (full text, mbox):

From: Yves-Alexis Perez <corsac@debian.org>
To: Frank Habermann <lordlamer@lordlamer.de>
Cc: 683418@bugs.debian.org, rt@rt.debian.org
Subject: Re [rt.debian.org #3976]: Bug#683418: [Debian RT] CVE-2012-4000: XSS vulnerability in fckeditor
Date: Tue, 31 Jul 2012 21:59:39 +0200
[Message part 1 (text/plain, inline)]
On mar., 2012-07-31 at 21:56 +0200, Frank Habermann wrote:
> Hi,
> 
> > an XSS vulnerability was found in fckeditor before 2.6.7. Please try to
> > fix the problem using an isolated fix since we are in freeze.
> > 
> > More info can be found at
> > http://disse.cting.org/2012/06/22/fckeditor-reflected-xss-vulnerability/
> Thanks for the advice.
> I found no official solution at the moment.
> 
> My soltions for the moment are:
> 
> 1. change line 27 to:
> echo "textinputs[$key] = decodeURIComponent(\"" . htmlentities($val, 
> ENT_COMPAT) . "\");\n";
> 2. change line 27 to:
> echo "textinputs[$key] = decodeURIComponent(\"" . htmlspecialchars($val, 
> ENT_QUOTES) . "\");\n";
> 
> Both soltuins work for me.
> 
> I will try to contact upstream to find a solution.
> 
Thanks for looking at it, please keep us posted on this issue.

Regards,
-- 
Yves-Alexis
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#683418; Package fckeditor. (Tue, 31 Jul 2012 20:09:11 GMT) Full text and rfc822 format available.

Acknowledgement sent to Frank Habermann <lordlamer@lordlamer.de>:
Extra info received and forwarded to list. (Tue, 31 Jul 2012 20:09:11 GMT) Full text and rfc822 format available.

Message #15 received at submit@bugs.debian.org (full text, mbox):

From: Frank Habermann <lordlamer@lordlamer.de>
To: "Yves-Alexis Perez" <corsac@debian.org>, 683418@bugs.debian.org
Cc: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Re: Bug#683418: [Debian RT] CVE-2012-4000: XSS vulnerability in fckeditor
Date: Tue, 31 Jul 2012 21:56:06 +0200
[Message part 1 (text/plain, inline)]
Hi,

> an XSS vulnerability was found in fckeditor before 2.6.7. Please try to
> fix the problem using an isolated fix since we are in freeze.
> 
> More info can be found at
> http://disse.cting.org/2012/06/22/fckeditor-reflected-xss-vulnerability/
Thanks for the advice.
I found no official solution at the moment.

My soltions for the moment are:

1. change line 27 to:
echo "textinputs[$key] = decodeURIComponent(\"" . htmlentities($val, 
ENT_COMPAT) . "\");\n";
2. change line 27 to:
echo "textinputs[$key] = decodeURIComponent(\"" . htmlspecialchars($val, 
ENT_QUOTES) . "\");\n";

Both soltuins work for me.

I will try to contact upstream to find a solution.

regards,
Frank
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#683418; Package fckeditor. (Tue, 31 Jul 2012 20:09:21 GMT) Full text and rfc822 format available.

Acknowledgement sent to Frank Habermann <lordlamer@lordlamer.de>:
Extra info received and forwarded to list. (Tue, 31 Jul 2012 20:09:21 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Frank Habermann <lordlamer@lordlamer.de>:
Bug#683418; Package fckeditor. (Wed, 01 Aug 2012 19:27:07 GMT) Full text and rfc822 format available.

Acknowledgement sent to Yves-Alexis Perez <corsac@debian.org>:
Extra info received and forwarded to list. Copy sent to Frank Habermann <lordlamer@lordlamer.de>. (Wed, 01 Aug 2012 19:27:07 GMT) Full text and rfc822 format available.

Message #25 received at 683418@bugs.debian.org (full text, mbox):

From: Yves-Alexis Perez <corsac@debian.org>
To: Frank Habermann <lordlamer@lordlamer.de>
Cc: 683418@bugs.debian.org
Subject: Re: Bug#683418: [Debian RT] CVE-2012-4000: XSS vulnerability in fckeditor
Date: Wed, 01 Aug 2012 21:24:20 +0200
[Message part 1 (text/plain, inline)]
On mar., 2012-07-31 at 21:56 +0200, Frank Habermann wrote:
> Hi,
> 
> > an XSS vulnerability was found in fckeditor before 2.6.7. Please try to
> > fix the problem using an isolated fix since we are in freeze.
> > 
> > More info can be found at
> > http://disse.cting.org/2012/06/22/fckeditor-reflected-xss-vulnerability/
> Thanks for the advice.
> I found no official solution at the moment.
> 
> My soltions for the moment are:
> 
> 1. change line 27 to:
> echo "textinputs[$key] = decodeURIComponent(\"" . htmlentities($val, 
> ENT_COMPAT) . "\");\n";
> 2. change line 27 to:
> echo "textinputs[$key] = decodeURIComponent(\"" . htmlspecialchars($val, 
> ENT_QUOTES) . "\");\n";
> 
> Both soltuins work for me.
> 
> I will try to contact upstream to find a solution.

And can you check if ckeditor is affected too?
-- 
Yves-Alexis
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#683418; Package fckeditor. (Wed, 01 Aug 2012 21:21:07 GMT) Full text and rfc822 format available.

Acknowledgement sent to Frank Habermann <lordlamer@lordlamer.de>:
Extra info received and forwarded to list. (Wed, 01 Aug 2012 21:21:07 GMT) Full text and rfc822 format available.

Message #30 received at 683418@bugs.debian.org (full text, mbox):

From: Frank Habermann <lordlamer@lordlamer.de>
To: "Yves-Alexis Perez" <corsac@debian.org>, 683418@bugs.debian.org
Subject: Re: Bug#683418: [Debian RT] CVE-2012-4000: XSS vulnerability in fckeditor
Date: Wed, 1 Aug 2012 23:18:23 +0200
[Message part 1 (text/plain, inline)]
Hi,

> > I will try to contact upstream to find a solution.
upstream is working on a solution and will give me feedback tomorrow.
 
> And can you check if ckeditor is affected too?
I checked it and it was not affected.

regards,
Frank
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#683418; Package fckeditor. (Thu, 02 Aug 2012 21:45:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Frank Habermann <lordlamer@lordlamer.de>:
Extra info received and forwarded to list. (Thu, 02 Aug 2012 21:45:04 GMT) Full text and rfc822 format available.

Message #35 received at 683418@bugs.debian.org (full text, mbox):

From: Frank Habermann <lordlamer@lordlamer.de>
To: Yves-Alexis Perez <corsac@debian.org>, 683418@bugs.debian.org
Subject: Re: Bug#683418: [Debian RT] CVE-2012-4000: XSS vulnerability in fckeditor
Date: Thu, 02 Aug 2012 23:43:05 +0200
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

upstream has released a fixed version.
The spellchecker versions in perl and cfm contains also this
vulnerability.

I will create fixed packages tomorrow.

>> I will try to contact upstream to find a solution.
> 
> And can you check if ckeditor is affected too?
I also asked upstream. ckeditor is not affected as i told.
All server side stuff was removed in ckeditor.

regards,
Frank

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAlAa9GgACgkQWr0A+QOsIlAQgwCdE01u+qa2DDnaa5CtkX/tK9JV
2EgAnRkHtdSHcU6CrV6ZkwyhrjETWEvU
=QjUQ
-----END PGP SIGNATURE-----



Information forwarded to debian-bugs-dist@lists.debian.org, Frank Habermann <lordlamer@lordlamer.de>:
Bug#683418; Package fckeditor. (Fri, 03 Aug 2012 05:36:02 GMT) Full text and rfc822 format available.

Acknowledgement sent to Yves-Alexis Perez <corsac@debian.org>:
Extra info received and forwarded to list. Copy sent to Frank Habermann <lordlamer@lordlamer.de>. (Fri, 03 Aug 2012 05:36:03 GMT) Full text and rfc822 format available.

Message #40 received at 683418@bugs.debian.org (full text, mbox):

From: Yves-Alexis Perez <corsac@debian.org>
To: Frank Habermann <lordlamer@lordlamer.de>
Cc: 683418@bugs.debian.org
Subject: Re: Bug#683418: [Debian RT] CVE-2012-4000: XSS vulnerability in fckeditor
Date: Fri, 03 Aug 2012 07:33:43 +0200
[Message part 1 (text/plain, inline)]
On jeu., 2012-08-02 at 23:43 +0200, Frank Habermann wrote:
> Hi,
> 
> upstream has released a fixed version.
> The spellchecker versions in perl and cfm contains also this
> vulnerability.

Arf, thanks for the notice.
> 
> I will create fixed packages tomorrow.

Please try to isolate fixes from the other upstream changes (if any),
since we are in freeze. For Squeeze, please build in a clean chroot and
with -sa.
> 
> >> I will try to contact upstream to find a solution.
> > 
> > And can you check if ckeditor is affected too?
> I also asked upstream. ckeditor is not affected as i told.
> All server side stuff was removed in ckeditor.
> 
Thanks again :)

-- 
Yves-Alexis
[signature.asc (application/pgp-signature, inline)]

Reply sent to Frank Habermann <lordlamer@lordlamer.de>:
You have taken responsibility. (Fri, 03 Aug 2012 21:51:05 GMT) Full text and rfc822 format available.

Notification sent to Yves-Alexis Perez <corsac@debian.org>:
Bug acknowledged by developer. (Fri, 03 Aug 2012 21:51:05 GMT) Full text and rfc822 format available.

Message #45 received at 683418-close@bugs.debian.org (full text, mbox):

From: Frank Habermann <lordlamer@lordlamer.de>
To: 683418-close@bugs.debian.org
Subject: Bug#683418: fixed in fckeditor 1:2.6.6-3
Date: Fri, 03 Aug 2012 21:47:12 +0000
Source: fckeditor
Source-Version: 1:2.6.6-3

We believe that the bug you reported is fixed in the latest version of
fckeditor, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 683418@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Frank Habermann <lordlamer@lordlamer.de> (supplier of updated fckeditor package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 03 Aug 2012 23:04:00 +0200
Source: fckeditor
Binary: fckeditor
Architecture: source all
Version: 1:2.6.6-3
Distribution: unstable
Urgency: high
Maintainer: Frank Habermann <lordlamer@lordlamer.de>
Changed-By: Frank Habermann <lordlamer@lordlamer.de>
Description: 
 fckeditor  - rich text format javascript web editor
Closes: 683418
Changes: 
 fckeditor (1:2.6.6-3) unstable; urgency=high
 .
   * fixed XSS vulnerability in spellchecker (Closes: #683418) [CVE-2012-4000]
Checksums-Sha1: 
 51f49ae0838a5c36c63d7b48fd8cf617dd5a67f6 1709 fckeditor_2.6.6-3.dsc
 1a0833522c9ca4835fe60e1f2e98158d512f43c2 4685 fckeditor_2.6.6-3.diff.gz
 0ee915247630aa197d7931abd2a470da844cba2e 990364 fckeditor_2.6.6-3_all.deb
Checksums-Sha256: 
 3f1d8569efba6e4445d7dca3a453af032492c081f37cab95088550520fbbb640 1709 fckeditor_2.6.6-3.dsc
 51975c15413c36780c23950bfb80c8ec6f18b7961d2ff6002c49c81b8017397a 4685 fckeditor_2.6.6-3.diff.gz
 6b8f516266d2a6be8b452ccae85416cf6c88f342b691b93853291b08a592f280 990364 fckeditor_2.6.6-3_all.deb
Files: 
 3ae4ffa84565e319b7942beb75921c00 1709 web optional fckeditor_2.6.6-3.dsc
 37014bd9def8986cfc0b026567f1e932 4685 web optional fckeditor_2.6.6-3.diff.gz
 637c316234f8dbdf5f251b38f4f4fc82 990364 web optional fckeditor_2.6.6-3_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJQHD1xAAoJECnja5oB7TrHMekP/3vDS8VHwJM0HNDa+jR5w5rp
ZQhVPZv7c+K5eDK7PAntZvsjQ+3VubbOPcIwu+eKsd9YfVtAXrAQ+JTPHItHwSwn
Qrqw9eLOhHmxz/xVZqJIqWzUcmdTDEDQRRreiPmET0p2gMUY97YNkkfqpw39wQcB
4HvuRcQshGGn3DWQ9oVZe1YYLWQeWIIBRaTrS1ascQ+3S27LCO3EqtcsaGlmik9F
UaGug3vt5/bHW7cNBK3xSgzcwwgaRPKTujM5s3cOlDQ4fpLYa/M3g+IckwsAE63I
wfX9G6pPeW5YihYJtpbIyax6DKNEgJvRbqmYe4LkNaKMdH/SqYQqC8SV2ou1mWeX
P3WpSq6lxNdrMQUtYsnBic7hTVvQkUl/D1bFSGaspQlkJ18nDmpMVp0hRLN7r1sf
s8xGadd7Qo1+oaDECv4e2QFdkyxplonsNRtx7Oc9j2XwiLpj83bZ0rMN2A1QdUx0
cYfge3+Bkno1jQ/WJHfudJcGWzjixbuWpmRSxWHCTcYfGUvWfBbks0e2x3vaIPz/
/HBdRYeJamkYzIedJNEeHCN7b2chXuOCAPGtceU5LPoL0OSm+nPIwBEZ5ajGdJfu
ws1YciYaE4sftXGefr5gn6cmKWnywy+cmb3G8XFXqEOTBYpK9ILTxn7l9HtTpdx1
/z6K2Fq62bjqAqeP6SA0
=6wAN
-----END PGP SIGNATURE-----




Information forwarded to debian-bugs-dist@lists.debian.org:
Bug#683418; Package fckeditor. (Fri, 03 Aug 2012 22:12:07 GMT) Full text and rfc822 format available.

Acknowledgement sent to Frank Habermann <lordlamer@lordlamer.de>:
Extra info received and forwarded to list. (Fri, 03 Aug 2012 22:12:07 GMT) Full text and rfc822 format available.

Message #50 received at 683418@bugs.debian.org (full text, mbox):

From: Frank Habermann <lordlamer@lordlamer.de>
To: "Yves-Alexis Perez" <corsac@debian.org>
Cc: 683418@bugs.debian.org
Subject: Re: Bug#683418: [Debian RT] CVE-2012-4000: XSS vulnerability in fckeditor
Date: Sat, 4 Aug 2012 00:08:21 +0200
[Message part 1 (text/plain, inline)]
Hi,

> > I will create fixed packages tomorrow.
> 
> Please try to isolate fixes from the other upstream changes (if any),
> since we are in freeze. For Squeeze, please build in a clean chroot and
> with -sa.

I uploaded a fixed version to unstable.

A fixed version for squeeze can be found here:
http://debian.lordlamer.de/fckeditor/squeeze/2.6.6/fckeditor_2.6.6-1squeeze1.dsc

Should i contact the release team to unblock the package in testing?
Should i contact the security team?

regards,
Frank
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Frank Habermann <lordlamer@lordlamer.de>:
Bug#683418; Package fckeditor. (Sun, 05 Aug 2012 11:45:05 GMT) Full text and rfc822 format available.

Acknowledgement sent to Yves-Alexis Perez <corsac@debian.org>:
Extra info received and forwarded to list. Copy sent to Frank Habermann <lordlamer@lordlamer.de>. (Sun, 05 Aug 2012 11:45:05 GMT) Full text and rfc822 format available.

Message #55 received at 683418@bugs.debian.org (full text, mbox):

From: Yves-Alexis Perez <corsac@debian.org>
To: Frank Habermann <lordlamer@lordlamer.de>
Cc: 683418@bugs.debian.org, rt@bugs.debian.org
Subject: Re: Bug#683418: [rt.debian.org #3976] CVE-2012-4000: XSS vulnerability in fckeditor
Date: Sun, 05 Aug 2012 13:42:03 +0200
[Message part 1 (text/plain, inline)]
On sam., 2012-08-04 at 00:08 +0200, Frank Habermann wrote:
> Hi,
> 
> > > I will create fixed packages tomorrow.
> > 
> > Please try to isolate fixes from the other upstream changes (if any),
> > since we are in freeze. For Squeeze, please build in a clean chroot and
> > with -sa.
> 
> I uploaded a fixed version to unstable.
> 
> A fixed version for squeeze can be found here:
> http://debian.lordlamer.de/fckeditor/squeeze/2.6.6/fckeditor_2.6.6-1squeeze1.dsc

Thanks. You could have contacted your usual sponsor to build it and
upload it to security master, but I'll take care of that.
> 
> Should i contact the release team to unblock the package in testing?

Yes.

> Should i contact the security team?
> 
You already did :)

Regards,
-- 
Yves-Alexis
[signature.asc (application/pgp-signature, inline)]

Reply sent to Frank Habermann <lordlamer@lordlamer.de>:
You have taken responsibility. (Mon, 06 Aug 2012 17:51:05 GMT) Full text and rfc822 format available.

Notification sent to Yves-Alexis Perez <corsac@debian.org>:
Bug acknowledged by developer. (Mon, 06 Aug 2012 17:51:05 GMT) Full text and rfc822 format available.

Message #60 received at 683418-close@bugs.debian.org (full text, mbox):

From: Frank Habermann <lordlamer@lordlamer.de>
To: 683418-close@bugs.debian.org
Subject: Bug#683418: fixed in fckeditor 1:2.6.6-1squeeze1
Date: Mon, 06 Aug 2012 17:47:08 +0000
Source: fckeditor
Source-Version: 1:2.6.6-1squeeze1

We believe that the bug you reported is fixed in the latest version of
fckeditor, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 683418@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Frank Habermann <lordlamer@lordlamer.de> (supplier of updated fckeditor package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 04 Aug 2012 00:00:00 +0200
Source: fckeditor
Binary: fckeditor
Architecture: source all
Version: 1:2.6.6-1squeeze1
Distribution: squeeze-security
Urgency: high
Maintainer: Frank Habermann <lordlamer@lordlamer.de>
Changed-By: Frank Habermann <lordlamer@lordlamer.de>
Description: 
 fckeditor  - rich text format javascript web editor
Closes: 683418
Changes: 
 fckeditor (1:2.6.6-1squeeze1) squeeze-security; urgency=high
 .
   * fixed XSS vulnerability in spellchecker (Closes: #683418) [CVE-2012-4000]
Checksums-Sha1: 
 7adab8651d150409585f43810c3f1c227eb22345 1677 fckeditor_2.6.6-1squeeze1.dsc
 adf2b02af144453d63e1b836e2f089edd477edb1 1012446 fckeditor_2.6.6.orig.tar.gz
 dae18ec038ee07cddbda87ef857c044ce4ac8d30 4707 fckeditor_2.6.6-1squeeze1.diff.gz
 1ef890cebc1472a435fe8dab91407a8fd8e17c8b 986378 fckeditor_2.6.6-1squeeze1_all.deb
Checksums-Sha256: 
 54ec2fe8b24e1abb8d0c71ba5839c986a382512509109d6e9e305b0d6d084029 1677 fckeditor_2.6.6-1squeeze1.dsc
 a22609fecb74483641bfb4ae651e7e4bea677103fe83b0727e670eca10910137 1012446 fckeditor_2.6.6.orig.tar.gz
 09859c414f75861c56f6e26b913b389c873075f38bdc86103ce0a8e49d11e8af 4707 fckeditor_2.6.6-1squeeze1.diff.gz
 355f63aedc2b9e20374e00d056ebb7f97e9df0d3824507806f22697e052cc0ce 986378 fckeditor_2.6.6-1squeeze1_all.deb
Files: 
 4a794abb418b3a6e0892cbe2b356f335 1677 web optional fckeditor_2.6.6-1squeeze1.dsc
 d3db22a0d677369db65699e6b33aedd1 1012446 web optional fckeditor_2.6.6.orig.tar.gz
 db7af392818fefcbea7f1d8727b35315 4707 web optional fckeditor_2.6.6-1squeeze1.diff.gz
 03a6b7348fb3083694057f20a2560502 986378 web optional fckeditor_2.6.6-1squeeze1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCgAGBQJQHl3fAAoJEDBVD3hx7wuoVBEP/0SJ8tOX64ucqG166jlJfvwb
TEbgIYjToL28VNmAl78bQOTzVaqJJBQfp50i05/BiETYrBVw9Fp65vqnA6eGdxA0
FzQl2V8GlTktiCW02axjc8awGqFSSexL6bRfJ2wCX0h1UoVrD4buguh+8LGrf5ao
b5OZIt0KdaSC/X4twKr32hj+95bFmRX+M7KDv8OYEdUzAv3sJ+xiYOzAX4rC7bw8
dYVU96vR8gmrvSYN2jDOOXhSuHA0qusb6XJTR8Kh0HJ5Cp0Ip9Q2xkanWZcmE/in
RIWg4OER1rCBgYctQd80eF0c43LGC7/+JK8R7T8I8bO0T6RJPDNWmlsjRglREV9O
6A2KJe/HGCOVocZymmjIVSNnXWr2L9bQdZ3GKywOJ36zb2OFWMrgtd37gxbZfej4
d+veKsc1WsXN4yob8hNzlJuhYo5TLvWam4mqmky/i+N5d/ZgeVNa191kVep3fJHK
Vy95tln8e5WB+pzqaZtG7FSbr+14e9n22+anL5I+lKZh8tsTbilydQGvOsQTh8a/
jvXDwSKpYwmIOQc4OG1DJbO1z6YCMHErvP4+nBipjadCmNiSCnHZaSz6rV2z9jbN
nGCoFSHOy5GhFgdiyuSzI2G6H2OLrwJvNxHaIrn7u7yvmfFmGPka1D8dVxCEv0in
E7UNC3G9J5iK+Q6sgGAz
=HKRf
-----END PGP SIGNATURE-----




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Tue, 04 Sep 2012 07:26:45 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Thu Apr 24 04:11:24 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.