Your message dated Fri, 03 Aug 2007 16:32:03 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#435707: fixed in teamspeak-server 2.0.23.19-1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: teamspeak-server
Version: 2.0.20.1-2
Severity: grave
Tags: security
Justification: user security hole
Two security issues have been found in Teamspeak server. One allows
to read arbitrary files from remote (no CVE id yet):
http://www.planetteamspeak.com/content/view/98/65/
The other is a denial of service (CVE-2007-3956).
Both issues are fixed in the beta version 2.0.23.19 .
--- End Message ---
--- Begin Message ---
Source: teamspeak-server
Source-Version: 2.0.23.19-1
We believe that the bug you reported is fixed in the latest version of
teamspeak-server, which is due to be installed in the Debian FTP archive:
teamspeak-server_2.0.23.19-1.diff.gz
to pool/non-free/t/teamspeak-server/teamspeak-server_2.0.23.19-1.diff.gz
teamspeak-server_2.0.23.19-1.dsc
to pool/non-free/t/teamspeak-server/teamspeak-server_2.0.23.19-1.dsc
teamspeak-server_2.0.23.19-1_i386.deb
to pool/non-free/t/teamspeak-server/teamspeak-server_2.0.23.19-1_i386.deb
teamspeak-server_2.0.23.19.orig.tar.gz
to pool/non-free/t/teamspeak-server/teamspeak-server_2.0.23.19.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Adam Cécile (Le_Vert) <[EMAIL PROTECTED]> (supplier of updated
teamspeak-server package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 03 Aug 2007 00:46:27 +0200
Source: teamspeak-server
Binary: teamspeak-server
Architecture: source i386
Version: 2.0.23.19-1
Distribution: unstable
Urgency: high
Maintainer: Adam Cécile (Le_Vert) <[EMAIL PROTECTED]>
Changed-By: Adam Cécile (Le_Vert) <[EMAIL PROTECTED]>
Description:
teamspeak-server - VoIP chat for online gaming (server)
Closes: 435707
Changes:
teamspeak-server (2.0.23.19-1) unstable; urgency=HIGH
.
* Urgency set to high : fix two remote exploitable security issues.
* New upstream release (Closes: #435707) :
- Fix a security issue that allow attacker to read files from the
filesystem of a host through the TCP query interface (no CVE yet),
- Fix another vulnerability that allows remote attackers to cause a denial
of service (CPU and memory consumption) via long username and password
parameters in a request to login.tscmd (CVE-2007-3956).
Files:
25446b83c73c5cd7e51f95cb63a8401f 625 non-free/net optional
teamspeak-server_2.0.23.19-1.dsc
c09bf1318e6f4e4ae91a4fd8340cbee0 1115568 non-free/net optional
teamspeak-server_2.0.23.19.orig.tar.gz
67399253515bd21e090fb4aa4deac213 13947 non-free/net optional
teamspeak-server_2.0.23.19-1.diff.gz
0a123efa028a28983b13077e31412490 1093748 non-free/net optional
teamspeak-server_2.0.23.19-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGs1RFbxelr8HyTqQRAtx0AJ9d2+AzjGbElZUjKmlNHV8uG1gs9ACeMN3Y
rAXmw6DQaypxwU4a5MYz/D0=
=Bskf
-----END PGP SIGNATURE-----
--- End Message ---
