Your message dated Wed, 23 Feb 2005 13:49:37 +0100
with message-id <[EMAIL PROTECTED]>
and subject line Bug#296582: security fixed version 2.0.12 available
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 23 Feb 2005 12:17:27 +0000
>From [EMAIL PROTECTED] Wed Feb 23 04:17:27 2005
Return-path: <[EMAIL PROTECTED]>
Received: from nyx.verfaction.de (mx.verfaction.de) [212.9.161.72] (Debian-exim)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1D3vSI-0005dl-00; Wed, 23 Feb 2005 04:17:27 -0800
Received: from kk by mx.verfaction.de with local (Exim 4.34)
id 1D3vSF-00067P-Hn
for [EMAIL PROTECTED]; Wed, 23 Feb 2005 13:17:23 +0100
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Kilian Krause <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
X-Mailer: reportbug 3.8
Date: Wed, 23 Feb 2005 13:17:23 +0100
Message-Id: <[EMAIL PROTECTED]>
Sender: Kilian Krause <[EMAIL PROTECTED]>
X-SA-Exim-Connect-IP: <locally generated>
X-SA-Exim-Mail-From: [EMAIL PROTECTED]
Subject: security fixed version 2.0.12 available
X-SA-Exim-Version: 4.2 (built Tue, 25 Jan 2005 19:36:50 +0100)
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Package: phpbb2
Version: 2.0.11-1
Severity: critical
Tags: security
Hi,
version 2.0.12 was released to fix potential security exploits. Even
though there seems to be no practical exploit in the wild yet, this is
no reason to assume there is no existing one.
Details are at:
http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=265423
-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (990, 'testing'), (800, 'unstable')
Architecture: i386 (x86_64)
Kernel: Linux 2.6.10-vs1.9.3.16
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages phpbb2 depends on:
ii apache2 2.0.52-3 Next generation, scalable, extenda
ii apache2-mpm-prefork [httpd] 2.0.52-3 Traditional model for Apache2
ii debconf 1.4.30.11 Debian configuration management sy
ii libapache2-mod-php4 4:4.3.10-2 server-side, HTML-embedded scripti
ii php4 4:4.3.10-2 server-side, HTML-embedded scripti
ii php4-mysql 4:4.3.10-2 MySQL module for php4
ii php4-pgsql 3:4.3.9-1 PostgreSQL module for php4
-- debconf information excluded
---------------------------------------
Received: (at 296582-done) by bugs.debian.org; 23 Feb 2005 12:49:49 +0000
>From [EMAIL PROTECTED] Wed Feb 23 04:49:49 2005
Return-path: <[EMAIL PROTECTED]>
Received: from a-eskwadraat.nl [131.211.34.218]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1D3vxS-0001sM-00; Wed, 23 Feb 2005 04:49:38 -0800
Received: from jeroen by A-Eskwadraat.nl with local (Exim 3.35 #1 (Debian))
id 1D3vxR-0002rw-00
for <[EMAIL PROTECTED]>; Wed, 23 Feb 2005 13:49:37 +0100
Date: Wed, 23 Feb 2005 13:49:37 +0100
To: [EMAIL PROTECTED]
Subject: Re: Bug#296582: security fixed version 2.0.12 available
Message-ID: <[EMAIL PROTECTED]>
References: <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <[EMAIL PROTECTED]>
User-Agent: Mutt/1.3.28i
From: Jeroen van Wolffelaar <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
On Wed, Feb 23, 2005 at 01:17:23PM +0100, Kilian Krause wrote:
> Hi,
>
> version 2.0.12 was released to fix potential security exploits. Even
> though there seems to be no practical exploit in the wild yet, this is
> no reason to assume there is no existing one.
phpbb2 | 2.0.11-1 | testing | source, all
phpbb2 | 2.0.12-1 | unstable | source, all
Please check whether maybe the maintainer has already uploaded the
newest version -- it hit unstable less than 24 hours after the version
version got announced, and this is visible on packages.debian.org.
--Jeroen
--
Jeroen van Wolffelaar
[EMAIL PROTECTED] (also for Jabber & MSN; ICQ: 33944357)
http://Jeroen.A-Eskwadraat.nl
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
