Your message dated Thu, 2 Aug 2012 19:46:47 +0200 with message-id <20120802174647.GO17223@radis.cristau.org> and subject line Re: Bug#683670: unblock: spip/2.1.17-1 has caused the Debian Bug report #683670, regarding unblock: spip/2.1.17-1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 683670: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683670 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: unblock: spip/2.1.17-1
- From: David Prévot <taffit@debian.org>
- Date: Thu, 02 Aug 2012 13:04:29 -0400
- Message-id: <[🔎] 20120802170429.3848.1643.reportbug@mikado.tilapin.org>
Package: release.debian.org Severity: normal User: release.debian.org@packages.debian.org Usertags: unblock -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Please unblock package spip, it's a minor upstream update that fixes a security issue [1] and a few bugs [2,3,4]. 1: http://core.spip.org/projects/spip/repository/revisions/19753 2: http://core.spip.org/projects/spip/repository/revisions/19693 3: http://core.spip.org/projects/spip/repository/revisions/19759 4: http://core.spip.org/projects/spip/repository/revisions/19767 Full debdiff attached, thanks in advance. unblock spip/2.1.17-1 - -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.2.0-3-amd64 (SMP w/1 CPU core) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCAAGBQJQGrMZAAoJELgqIXr9/gnyhskP/0YI62uGhHQ2afJDOgAzwGVc +DhO9zJsHLr0oGE83JvuqYiEa5guEtwxHA7D+bwb82VExHJqDG7Pqv9GHiEOHAxo wV2SuTgzyVcKrFMQuDATaq2S9c6/x6T6BLexbiX6SU4gbJ6df7++qXcxb8jxJdL1 v0g0oeKx/jah5/HBJ4OVnIm9HZdG8O0UBUDs8OGSRtK/vKUMPmq099wGraSQreFD PFycG5wpPSoRTS1B/0uLFtGGmOJBubibIGhpu9KlO8ACVPZaSlD6jG3CrAo+GwKH ij0I9EEMti5JY/5T+odf20UGsa4qvkT6Vg6Llqr87c5+bHJJeUhMPpitnxd27wBj Gww2cznjfLZ2luCIgd4UmqgK8r+ayW8Ye8BRIFWSY/Xe+D0NS/SZtVA/TJrDkiI3 cTvcX2GDjDq4byaWOugxArNfZtw2M/TZJvSECjRHHE2VBh6ak9EJCCOyd9Zpn0/H eD5kwKF90oL9jNcbWbkkh+mJFV5NFTY/pU8mUbUelHUGehXSfay+ywuuDWBUGG6u TdldeVtdH2RfO7g2Zgo+SRk3M75yKbG2oPoT4kixwfTtx4Jq2sv3jDKltnhZdr/b EinqU7lrbdOeeVQqX+THnr5KQq89+RN1KuEjxkdSITWoeWn9bmiI4snFrJ6iC4Va yEcTFg1OkcWCrZYlIrgd =GdZM -----END PGP SIGNATURE-----diffstat for spip-2.1.16 spip-2.1.17 debian/changelog | 6 + debian/patches/fix_displayed_version.patch | 4 ecrire/base/connect_sql.php | 69 +++++++++++++++ ecrire/inc/ajouter_documents.php | 2 ecrire/inc/lien.php | 8 + ecrire/inc/texte.php | 58 ++++++------ ecrire/inc_version.php | 2 ecrire/public/balises.php | 4 ecrire/req/mysql.php | 10 +- ecrire/req/sqlite_generique.php | 22 +--- extensions/porte_plume/javascript/jquery.previsu_spip.js | 4 extensions/porte_plume/plugin.xml | 2 svn.revision | 12 +- 13 files changed, 145 insertions(+), 58 deletions(-) diff -Nru spip-2.1.16/debian/changelog spip-2.1.17/debian/changelog --- spip-2.1.16/debian/changelog 2012-07-04 08:46:23.000000000 -0400 +++ spip-2.1.17/debian/changelog 2012-08-02 12:35:20.000000000 -0400 @@ -1,3 +1,9 @@ +spip (2.1.17-1) unstable; urgency=low + + * New upstream version, fixes base disclosure (Closes: #683667). + + -- David Prévot <taffit@debian.org> Thu, 02 Aug 2012 12:34:29 -0400 + spip (2.1.16-1) unstable; urgency=high * New upstream version: diff -Nru spip-2.1.16/debian/patches/fix_displayed_version.patch spip-2.1.17/debian/patches/fix_displayed_version.patch --- spip-2.1.16/debian/patches/fix_displayed_version.patch 2012-07-04 08:30:47.000000000 -0400 +++ spip-2.1.17/debian/patches/fix_displayed_version.patch 2012-08-02 11:41:11.000000000 -0400 @@ -2,7 +2,7 @@ Make it obvious it's a Debian (patched) version Forwarded: not-needed Author: David Prévot <taffit@debian.org> -Last-Update: 2012-07-04 +Last-Update: 2012-08-02 --- a/ecrire/inc_version.php +++ b/ecrire/inc_version.php @@ -423,7 +423,7 @@ @@ -10,7 +10,7 @@ // 1.xxyy : xx00 versions stables publiees, xxyy versions de dev // (ce qui marche pour yy ne marchera pas forcement sur une version plus ancienne) -$spip_version_affichee = "$spip_version_branche"; -+$spip_version_affichee = "2.1.16-1 (Debian)"; ++$spip_version_affichee = "2.1.17-1 (Debian)"; // ** Securite ** $visiteur_session = $auteur_session = $connect_statut = $connect_toutes_rubriques = $hash_recherche = $hash_recherche_strict = $ldap_present =''; diff -Nru spip-2.1.16/ecrire/base/connect_sql.php spip-2.1.17/ecrire/base/connect_sql.php --- spip-2.1.16/ecrire/base/connect_sql.php 2012-07-03 11:31:38.000000000 -0400 +++ spip-2.1.17/ecrire/base/connect_sql.php 2012-08-01 15:30:59.000000000 -0400 @@ -343,6 +343,75 @@ return ''; } +/** + * Echapper les textes entre ' ' ou " " d'une requete SQL + * avant son pre-traitement + * On renvoi la query sans textes et les textes separes, dans + * leur ordre d'apparition dans la query + * + * @param string $query + * @return array + */ +function query_echappe_textes($query){ + static $codeEchappements = array("''"=>"\x1@##@\x1", "\'"=>"\x2@##@\x2", "\\\""=>"\x3@##@\x3"); + $query = str_replace(array_keys($codeEchappements), array_values($codeEchappements), $query); + if (preg_match_all("/((['])[^']*(\\2))|(([\"])[^\"]*(\\5))/S",$query,$textes)){ + $textes = reset($textes); // indice 0 du match + switch(count($textes)){ + case 0:$replace=array();break; + case 1:$replace=array('%1$s');break; + case 2:$replace=array('%1$s','%2$s');break; + case 3:$replace=array('%1$s','%2$s','%3$s');break; + case 4:$replace=array('%1$s','%2$s','%3$s','%4$s');break; + case 5:$replace=array('%1$s','%2$s','%3$s','%4$s','%5$s');break; + default: + $replace = range(1,count($textes)); + $replace = '%'.implode('$s,%',$replace).'$s'; + $replace = explode(',',$replace); + break; + } + $query = str_replace($textes,$replace,$query); + } + else + $textes = array(); + + return array($query, $textes); +} + +/** + * Reinjecter les textes d'une requete SQL a leur place initiale, + * apres traitement de la requete + * + * @param string $query + * @param array $textes + * @return string + */ +function query_reinjecte_textes($query, $textes){ + static $codeEchappements = array("''"=>"\x1@##@\x1", "\'"=>"\x2@##@\x2", "\\\""=>"\x3@##@\x3"); + # debug de la substitution + #if (($c1=substr_count($query,"%"))!=($c2=count($textes))){ + # spip_log("$c1 ::". $query,"tradquery"._LOG_ERREUR); + # spip_log("$c2 ::". var_export($textes,1),"tradquery"._LOG_ERREUR); + # spip_log("ini ::". $qi,"tradquery"._LOG_ERREUR); + #} + switch (count($textes)){ + case 0:break; + case 1:$query=sprintf($query,$textes[0]);break; + case 2:$query=sprintf($query,$textes[0],$textes[1]);break; + case 3:$query=sprintf($query,$textes[0],$textes[1],$textes[2]);break; + case 4:$query=sprintf($query,$textes[0],$textes[1],$textes[2],$textes[3]);break; + case 5:$query=sprintf($query,$textes[0],$textes[1],$textes[2],$textes[3],$textes[4]);break; + default: + array_unshift($textes,$query); + $query = call_user_func_array('sprintf',$textes); + break; + } + + $query = str_replace(array_values($codeEchappements), array_keys($codeEchappements), $query); + + return $query; +} + // Pour compatibilite. Ne plus utiliser. // http://doc.spip.org/@spip_query function spip_query($query, $serveur='') { diff -Nru spip-2.1.16/ecrire/inc/ajouter_documents.php spip-2.1.17/ecrire/inc/ajouter_documents.php --- spip-2.1.16/ecrire/inc/ajouter_documents.php 2012-07-03 11:31:38.000000000 -0400 +++ spip-2.1.17/ecrire/inc/ajouter_documents.php 2012-08-01 15:30:59.000000000 -0400 @@ -469,6 +469,8 @@ return 'jpg'; case 'tiff': return 'tif'; + case 'aif': + return 'aiff'; case 'mpeg': return 'mpg'; default: diff -Nru spip-2.1.16/ecrire/inc/lien.php spip-2.1.17/ecrire/inc/lien.php --- spip-2.1.16/ecrire/inc/lien.php 2012-07-03 11:31:38.000000000 -0400 +++ spip-2.1.17/ecrire/inc/lien.php 2012-08-01 15:30:59.000000000 -0400 @@ -68,7 +68,10 @@ $lang = ($hlang ? " hreflang='$hlang'" : ''); - if ($title) $title = ' title="'.texte_backend($title).'"'; + if ($title) + $title = ' title="'.texte_backend($title).'"'; + else + $title = ''; // $title peut etre 'false' // rel=external pour les liens externes if (preg_match(',^https?://,S', $lien) @@ -174,7 +177,7 @@ // http://doc.spip.org/@traiter_raccourci_lien_atts function traiter_raccourci_lien_atts($texte) { - $bulle = $hlang = ''; + $bulle = $hlang = false; // title et hreflang donnes par le raccourci ? if (preg_match(_RACCOURCI_ATTRIBUTS, $texte, $m)) { @@ -551,6 +554,7 @@ $gloss = $m[1] ? ('#' . $m[1]) : ''; $t = $r[1] . $r[2] . $r[5]; list($t, $bulle, $hlang) = traiter_raccourci_lien_atts($t); + if ($bulle===false) $bulle = $m[1]; $t = unicode2charset(charset2unicode($t), 'utf-8'); $ref = $lien("glose$_n$gloss", $t, 'spip_glossaire', $bulle, $hlang); $texte = str_replace($regs[0], $ref, $texte); diff -Nru spip-2.1.16/ecrire/inc/texte.php spip-2.1.17/ecrire/inc/texte.php --- spip-2.1.16/ecrire/inc/texte.php 2012-07-03 11:31:38.000000000 -0400 +++ spip-2.1.17/ecrire/inc/texte.php 2012-08-01 15:30:59.000000000 -0400 @@ -576,7 +576,9 @@ // Tableaux // +define('_RACCOURCI_CAPTION', ',^\|\|([^|]*)(\|(.*))?$,sS'); define('_RACCOURCI_TH_SPAN', '\s*(?:{{[^{}]+}}\s*)?|<'); +define('_RACCOURCI_THEAD', true); // http://doc.spip.org/@traiter_tableau function traiter_tableau($bloc) { @@ -595,19 +597,17 @@ $l ++; // Gestion de la premiere ligne : - if ($l == 1) { + if (($l == 1) AND preg_match(_RACCOURCI_CAPTION, rtrim($ligne,'|'), $cap)) { // - <caption> et summary dans la premiere ligne : // || caption | summary || (|summary est optionnel) - if (preg_match(',^\|\|([^|]*)(\|(.*))?$,sS', rtrim($ligne,'|'), $cap)) { - $l = 0; - if ($caption = trim($cap[1])) - $debut_table .= "<caption>".$caption."</caption>\n"; + $l = 0; + if ($caption = trim($cap[1])) + $debut_table .= "<caption>".$caption."</caption>\n"; $summary = ' summary="'.entites_html(trim($cap[3])).'"'; - } - // - <thead> sous la forme |{{titre}}|{{titre}}| - // Attention thead oblige a avoir tbody - else if (preg_match($reg_line1, $ligne)) { - preg_match_all('/\|([^|]*)/S', $ligne, $cols); + } else { + // - <th> sous la forme |{{titre}}|{{titre}}| + if (preg_match($reg_line1, $ligne)) { + preg_match_all('/\|([^|]*)/S', $ligne, $cols); $ligne='';$cols= $cols[1]; $colspan=1; for($c=count($cols)-1; $c>=0; $c--) { @@ -615,7 +615,7 @@ if($cols[$c]=='<') { $colspan++; } else { - if($colspan>1) { + if ($colspan>1) { $attr= " colspan='$colspan'"; $colspan=1; } @@ -624,15 +624,9 @@ $ligne= "<th scope='col'$attr>$cols[$c]</th>$ligne"; } } - - $debut_table .= "<thead><tr class='row_first'>". - $ligne."</tr></thead>\n"; - $l = 0; - } - } - - // Sinon ligne normale - if ($l) { + $lignes[] = $ligne; + } else { + // Sinon ligne normale // Gerer les listes a puce dans les cellules if (strpos($ligne,"\n-*")!==false OR strpos($ligne,"\n-#")!==false) $ligne = traiter_listes($ligne); @@ -643,6 +637,7 @@ // tout mettre dans un tableau 2d preg_match_all('/\|([^|]*)/S', $ligne, $cols); $lignes[]= $cols[1]; + } } } @@ -660,6 +655,7 @@ $align = true; for ($j=0;$j<$k;$j++) $rowspans[$j][$i] = 1; for ($j=0;$j<$k;$j++) { + if (!is_array($lignes[$j])) continue; // cas du th $cell = trim($lignes[$j][$i]); if (preg_match($reg_line_all, $cell)) { if (!preg_match('/^\d+([.,]?)\d*$/', $cell, $r)) @@ -676,10 +672,14 @@ for($l=count($lignes)-1; $l>=0; $l--) { $cols= $lignes[$l]; - $colspan=1; - $ligne=''; - - for($c=count($cols)-1; $c>=0; $c--) { + if (!is_array($cols)) { + $class = 'first'; + $ligne = $cols; + } else { + $ligne=''; + $colspan=1; + $class = alterner($l+1, 'even', 'odd'); + for($c=count($cols)-1; $c>=0; $c--) { $attr= $numeric[$c]; $cell = trim($cols[$c]); if($cell=='<') { @@ -698,17 +698,17 @@ } $ligne= "\n<td".$attr.'>'.$cols[$c].'</td>'.$ligne; } + } } - - // ligne complete - $class = alterner($l+1, 'even', 'odd'); $html = "<tr class='row_$class'>$ligne</tr>\n$html"; } + if (_RACCOURCI_THEAD + AND preg_match("@^(<tr class='row_first'.*?</tr>)(.*)$@s", $html, $m)) + $html = "<thead>$m[1]</thead>\n<tbody>$m[2]</tbody>\n"; + return "\n\n<table".$GLOBALS['class_spip_plus'].$summary.">\n" . $debut_table - . "<tbody>\n" . $html - . "</tbody>\n" . "</table>\n\n"; } diff -Nru spip-2.1.16/ecrire/inc_version.php spip-2.1.17/ecrire/inc_version.php --- spip-2.1.16/ecrire/inc_version.php 2012-07-03 11:31:38.000000000 -0400 +++ spip-2.1.17/ecrire/inc_version.php 2012-08-01 15:31:00.000000000 -0400 @@ -410,7 +410,7 @@ // numero de branche, utilise par les plugins // pour specifier les versions de SPIP necessaire // il faut s'en tenir a un nombre de decimales fixe ex : 2.0.0, 2.0.0-dev, 2.0.0-beta, 2.0.0-beta2 -$spip_version_branche = "2.1.16"; +$spip_version_branche = "2.1.17"; // version des signatures de fonctions PHP // (= numero SVN de leur derniere modif cassant la compatibilite et/ou necessitant un recalcul des squelettes) $spip_version_code = 15375; diff -Nru spip-2.1.16/ecrire/public/balises.php spip-2.1.17/ecrire/public/balises.php --- spip-2.1.16/ecrire/public/balises.php 2012-07-03 11:31:38.000000000 -0400 +++ spip-2.1.17/ecrire/public/balises.php 2012-08-01 15:31:00.000000000 -0400 @@ -589,8 +589,8 @@ '; // pas de calculs superflus si le site est monolingue $lang = strpos($GLOBALS['meta']['langues_utilisees'], ','); - - switch (!$p->id_boucle? '' : $p->boucles[$p->id_boucle]->type_requete) { + $idb = $p->id_boucle; + switch (!isset($p->boucle[$idb])? '' : $p->boucles[$idb]->type_requete) { case 'articles': $c = '"id_article=".' . champ_sql('id_article', $p); if ($lang) $lang = champ_sql('lang', $p); diff -Nru spip-2.1.16/ecrire/req/mysql.php spip-2.1.17/ecrire/req/mysql.php --- spip-2.1.16/ecrire/req/mysql.php 2012-07-03 11:31:37.000000000 -0400 +++ spip-2.1.17/ecrire/req/mysql.php 2012-08-01 15:30:57.000000000 -0400 @@ -291,8 +291,14 @@ } else { $suite = strstr($query, $regs[0]); $query = substr($query, 0, -strlen($suite)); - if (preg_match('/^(.*?)([(]\s*SELECT\b.*)$/si', $suite, $r)) { - $suite = $r[1] . traite_query($r[2], $db, $prefixe); + // propager le prefixe en cas de requete imbriquee + // il faut alors echapper les chaine avant de le faire, pour ne pas risquer de + // modifier une requete qui est en fait juste du texte dans un champ + if (stripos($suite,"SELECT")!==false) { + list($suite,$textes) = query_echappe_textes($suite); + if (preg_match('/^(.*?)([(]\s*SELECT\b.*)$/si', $suite, $r)) + $suite = $r[1] . traite_query($r[2], $db, $prefixe); + $suite = query_reinjecte_textes($suite, $textes); } } $r = preg_replace(_SQL_PREFIXE_TABLE, '\1'.$pref, $query) . $suite; diff -Nru spip-2.1.16/ecrire/req/sqlite_generique.php spip-2.1.17/ecrire/req/sqlite_generique.php --- spip-2.1.16/ecrire/req/sqlite_generique.php 2012-07-03 11:31:37.000000000 -0400 +++ spip-2.1.17/ecrire/req/sqlite_generique.php 2012-08-01 15:30:57.000000000 -0400 @@ -1666,7 +1666,6 @@ // Pour les corrections a effectuer sur les requetes : var $textes = array(); // array(code=>'texte') trouvé - var $codeEchappements = "%@##@%"; // constructeur @@ -1749,16 +1748,13 @@ // enleve les textes, transforme la requete pour quelle soit // bien interpretee par sqlite, puis remet les textes // la fonction affecte $this->query -// http://doc.spip.org/@traduire_requete + // http://doc.spip.org/@traduire_requete function traduire_requete(){ // // 1) Protection des textes en les remplacant par des codes // - // enlever les echappements '' - $this->query = str_replace("''", $this->codeEchappements, $this->query); - // enlever les 'textes' - $this->textes = array(); // vider - $this->query = preg_replace_callback("/('[^']*')/", array(&$this, '_remplacerTexteParCode'), $this->query); + // enlever les 'textes' et initialiser avec + list($this->query, $textes) = query_echappe_textes($this->query); // // 2) Corrections de la requete @@ -1859,12 +1855,12 @@ // // 3) Remise en place des textes d'origine // - // remettre les 'textes' - foreach ($this->textes as $cle=>$val){ - $this->query = str_replace($cle, $val, $this->query); - } - // remettre les echappements '' - $this->query = str_replace($this->codeEchappements,"''",$this->query); + // Correction Antiquotes et echappements + // ` => rien + if (strpos($this->query,'`')!==false) + $this->query = str_replace('`','', $this->query); + + $this->query = query_reinjecte_textes($this->query, $textes); } diff -Nru spip-2.1.16/extensions/porte_plume/javascript/jquery.previsu_spip.js spip-2.1.17/extensions/porte_plume/javascript/jquery.previsu_spip.js --- spip-2.1.16/extensions/porte_plume/javascript/jquery.previsu_spip.js 2012-07-03 14:38:48.000000000 -0400 +++ spip-2.1.17/extensions/porte_plume/javascript/jquery.previsu_spip.js 2012-08-01 16:31:56.000000000 -0400 @@ -48,6 +48,10 @@ objet[1]) ) .removeClass('ajaxLoad'); + + //ouvre un nouvel onglet lorsqu'on clique sur un lien dans la prévisualisation + $(".markItUpPreview a").attr("target","blank"); + return false; }); $('.previsuEditer').click(function(){ diff -Nru spip-2.1.16/extensions/porte_plume/plugin.xml spip-2.1.17/extensions/porte_plume/plugin.xml --- spip-2.1.16/extensions/porte_plume/plugin.xml 2012-07-03 14:38:48.000000000 -0400 +++ spip-2.1.17/extensions/porte_plume/plugin.xml 2012-08-01 16:31:56.000000000 -0400 @@ -10,7 +10,7 @@ </slogan> <auteur>Matthieu Marcillaud</auteur> <licence>GNU/GPL</licence> - <version>1.7.8</version> + <version>1.7.9</version> <description> <multi> [fr]Porte plume est une barre d'outil extensible pour SPIP qui diff -Nru spip-2.1.16/svn.revision spip-2.1.17/svn.revision --- spip-2.1.16/svn.revision 2012-07-03 11:11:27.000000000 -0400 +++ spip-2.1.17/svn.revision 2012-08-01 14:51:34.000000000 -0400 @@ -1,10 +1,10 @@ <svn_revision> <text_version> -Origine: svn://trac.rezo.net/spip/tags/spip-2.1.16 -Revision: 19678 -Dernier commit: 2012-07-03 17:11:27 +0200 +Origine: svn://trac.rezo.net/spip/tags/spip-2.1.17 +Revision: 19782 +Dernier commit: 2012-08-01 20:51:34 +0200 </text_version> -<origine>svn://trac.rezo.net/spip/tags/spip-2.1.16</origine> -<revision>19678</revision> -<commit>2012-07-03 17:11:27 +0200 </commit> +<origine>svn://trac.rezo.net/spip/tags/spip-2.1.17</origine> +<revision>19782</revision> +<commit>2012-08-01 20:51:34 +0200 </commit> </svn_revision> \ Pas de fin de ligne à la fin du fichier
--- End Message ---
--- Begin Message ---
- To: David Prévot <taffit@debian.org>, 683670-done@bugs.debian.org
- Subject: Re: Bug#683670: unblock: spip/2.1.17-1
- From: Julien Cristau <jcristau@debian.org>
- Date: Thu, 2 Aug 2012 19:46:47 +0200
- Message-id: <20120802174647.GO17223@radis.cristau.org>
- In-reply-to: <[🔎] 20120802170429.3848.1643.reportbug@mikado.tilapin.org>
- References: <[🔎] 20120802170429.3848.1643.reportbug@mikado.tilapin.org>
On Thu, Aug 2, 2012 at 13:04:29 -0400, David Prévot wrote: > unblock spip/2.1.17-1 > Unblocked. Cheers, JulienAttachment: signature.asc
Description: Digital signature
--- End Message ---