-suphp (0.6.2-2+lenny0) testing-security; urgency=high
+suphp (0.6.2-3) unstable; urgency=low
- * The following security issue is addressed with this update:
- - CVE-2008-1614: allows local users to gain privileges via a race
- condition in symlinks handling
+ * debian/conf/suphp.conf: by default, deactivate suPHP for applications in
+ /usr/share (owned by uid 0) (closes: #472352, closes: #420007)
+ * debian/control: bump standard-version
- -- Emmanuel Lacour <elacour@home-dn.net> Fri, 11 Apr 2008 11:31:28 +0200
+ -- Emmanuel Lacour <elacour@home-dn.net> Wed, 04 Jun 2008 10:04:08 +0200
+
+suphp (0.6.2-2.1) unstable; urgency=high
+
+ * Non-maintainer upload by the security team
+ * Fix race condition in symlink handling by adding
+ 04_CVE-2008-1614.dpatch (Closes: #475431) Fixes: CVE-2008-1614
+
+ -- Steffen Joeris <white@debian.org> Sat, 10 May 2008 08:48:45 +0000
suphp (0.6.2-2) unstable; urgency=low