Your message dated Sun, 20 Mar 2005 11:17:13 -0500
with message-id <[EMAIL PROTECTED]>
and subject line Bug#299857: fixed in luxman 0.41-20
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 16 Mar 2005 23:37:29 +0000
>From [EMAIL PROTECTED] Wed Mar 16 15:37:28 2005
Return-path: <[EMAIL PROTECTED]>
Received: from kitenet.net [64.62.161.42] (postfix)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DBi4u-0005Wt-00; Wed, 16 Mar 2005 15:37:28 -0800
Received: from dragon.kitenet.net (unknown [66.168.94.177])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(Client CN "Joey Hess", Issuer "Joey Hess" (verified OK))
by kitenet.net (Postfix) with ESMTP id 1B0A117F6C
for <[EMAIL PROTECTED]>; Wed, 16 Mar 2005 23:37:28 +0000 (GMT)
Received: by dragon.kitenet.net (Postfix, from userid 1000)
id D0A9A6E13A; Wed, 16 Mar 2005 18:40:20 -0500 (EST)
Date: Wed, 16 Mar 2005 18:40:20 -0500
From: Joey Hess <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: missing fix for CAN-2005-0385 in unstable
Message-ID: <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="SUOF0GtieIMvvwua"
Content-Disposition: inline
X-Reportbug-Version: 3.8
User-Agent: Mutt/1.5.6+20040907i
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
--SUOF0GtieIMvvwua
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Package: luxman
Severity: grave
Tags: security
DSA-693-1 claimed that the security hole CAN-2005-0385 was fixed in
unstable in luxman 0.41-20, but it's been two days and I do not see that
version has been uploaded.=20
Some details on the hole from the DSA:
Kevin Finisterre discovered a buffer overflow in luxman, an SVGA based =
PacMan clone, that could lead to the execution of arbitrary commands as roo=
t.
For the stable distribution (woody) this problem has been fixed in vers=
ion 0.41-17.2.
For the unstable distribution (sid) this problem has been fixed in vers=
ion 0.41-20.
We recommend that you upgrade your luxman package.
Additional details were posted on bugtraq, but I don't have an url handy.
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.4.27
Locale: LANG=3Den_US.UTF-8, LC_CTYPE=3Den_US.UTF-8 (charmap=3DUTF-8)
Versions of packages luxman depends on:
ii libc6 2.3.2.ds1-20 GNU C Library: Shared librarie=
s an
ii libgcc1 1:3.4.3-12 GCC support library
ii libstdc++5 1:3.3.5-12 The GNU Standard C++ Library v3
ii libsvga1 [svgalibg1] 1:1.4.3-21 console SVGA display libraries
--=20
see shy jo
--SUOF0GtieIMvvwua
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
iD8DBQFCOMPjd8HHehbQuO8RAiWHAJwL+zxFbyhTwBbYpUnT7tvmUO+2CACfUmvm
itYkKlvw96OHj00LULExMNM=
=D7Zx
-----END PGP SIGNATURE-----
--SUOF0GtieIMvvwua--
---------------------------------------
Received: (at 299857-close) by bugs.debian.org; 20 Mar 2005 16:27:30 +0000
>From [EMAIL PROTECTED] Sun Mar 20 08:27:30 2005
Return-path: <[EMAIL PROTECTED]>
Received: from newraff.debian.org [208.185.25.31] (mail)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DD3H0-0001WH-00; Sun, 20 Mar 2005 08:27:30 -0800
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
id 1DD373-0008TD-00; Sun, 20 Mar 2005 11:17:13 -0500
From: LENART Janos <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.55 $
Subject: Bug#299857: fixed in luxman 0.41-20
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Sun, 20 Mar 2005 11:17:13 -0500
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
X-CrossAssassin-Score: 4
Source: luxman
Source-Version: 0.41-20
We believe that the bug you reported is fixed in the latest version of
luxman, which is due to be installed in the Debian FTP archive:
luxman_0.41-20.diff.gz
to pool/main/l/luxman/luxman_0.41-20.diff.gz
luxman_0.41-20.dsc
to pool/main/l/luxman/luxman_0.41-20.dsc
luxman_0.41-20_i386.deb
to pool/main/l/luxman/luxman_0.41-20_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
LENART Janos <[EMAIL PROTECTED]> (supplier of updated luxman package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 20 Mar 2005 16:36:10 +0100
Source: luxman
Binary: luxman
Architecture: source i386
Version: 0.41-20
Distribution: unstable
Urgency: high
Maintainer: Debian QA Group <[EMAIL PROTECTED]>
Changed-By: LENART Janos <[EMAIL PROTECTED]>
Description:
luxman - Pac-Man clone (svgalib based)
Closes: 192189 243197 263618 299857
Changes:
luxman (0.41-20) unstable; urgency=high
.
* Orphaning the package.
* Fixed buffer overflow. (closes: Bug#299857)
* Removed C-B-D svgalibg1-dummy. (closes: Bug#243197)
* Fixed some gcc 3 related bugs. (closes: Bug#263618, Bug#192189)
* Upgraded Standards-Version, fixed menu file.
Files:
ee00fd4f263a73a9ce9418827440fe09 571 games optional luxman_0.41-20.dsc
a2470e59a33a1e86a97484c399846c91 8416 games optional luxman_0.41-20.diff.gz
d36b5aeb4176947a3179202d1da6a233 277354 games optional luxman_0.41-20_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFCPZ7LefzP0rBFj00RAjSFAKDcFTVcz+xw7/gkBvXDEsPWyuCBJwCfQPMs
asKxt0CHf36wma8UUVHlgI8=
=HL+l
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
