Your message dated Thu, 27 Dec 2007 14:59:29 +0100
with message-id <[EMAIL PROTECTED]>
and subject line flashplugin-nonfree: Security issue fixed in unstable
[CVE-2007-3456]
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: flashplugin-nonfree
Version: 9.0.31.0.1
Severity: grave
Tags: security, etch, upstream, fixed-upstream
Justification: user security hole (and won't install)
Upstream for this package (Adobe) has released version 9.0.48 as a
security update for version 9.0.31.
There is also an upstream security bulletin APSB07-12 at
<http://www.adobe.com/support/security/bulletins/apsb07-12.html>
it cross references [CVE-2007-3456]. It also cross references two
other CVE numbers which only affect versions not in stable (etch).
The upstream security update 9.0.48 has already been included in
unstable, but is not included in stable.
oldstable (sarge) contains version 7 of this plugin which might
not be affected by CVE-2007-3456 (the Adobe advisory is vague on
this). oldstable is affected by CVE-2007-2002 though, see separate
bug report.
Additional note: as reported in bug #432755, the package currently
in stable (etch) does not install because Adobe has removed the
vulnerable version from its download servers. Publishing 9.0.48
(or a backport of it) on security.debian.org should fix that too.
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (990, 'stable'), (500, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /basnxt32/bin/bash
Kernel: Linux 2.6.21jbj3.4-21
Locale: LANG=en_DK.UTF-8, LC_CTYPE=en_DK.UTF-8 (charmap=UTF-8)
Versions of packages flashplugin-nonfree depends on:
ii debconf [debconf-2.0] 1.5.11 Debian configuration management sy
ii fontconfig 2.4.2-1.2 generic font configuration library
ii libatk1.0-0 1.12.4-3 The ATK accessibility toolkit
ii libc6 2.3.6.ds1-13 GNU C Library: Shared libraries
ii libcairo2 1.2.4-4 The Cairo 2D vector graphics libra
ii libexpat1 1.95.8-3.4 XML parsing C library - runtime li
ii libfontconfig1 2.4.2-1.2 generic font configuration library
ii libfreetype6 2.2.1-5 FreeType 2 font engine, shared lib
ii libglib2.0-0 2.12.4-2 The GLib library of C routines
ii libgtk2.0-0 2.8.20-7 The GTK+ graphical user interface
ii libice6 1:1.0.1-2 X11 Inter-Client Exchange library
ii libpango1.0-0 1.14.8-5 Layout and rendering of internatio
ii libpng12-0 1.2.15~beta5-1 PNG library - runtime
ii libsm6 1:1.0.1-3 X11 Session Management library
ii libx11-6 2:1.0.3-7 X11 client-side library
ii libxau6 1:1.0.1-2 X11 authorisation library
ii libxcursor1 1.1.7-4 X cursor management library
ii libxdmcp6 1:1.0.1-2 X11 Display Manager Control Protoc
ii libxext6 1:1.0.1-2 X11 miscellaneous extension librar
ii libxfixes3 1:4.0.1-5 X11 miscellaneous 'fixes' extensio
ii libxi6 1:1.0.1-4 X11 Input extension library
ii libxinerama1 1:1.0.1-4.1 X11 Xinerama extension library
ii libxrandr2 2:1.1.0.2-5 X11 RandR extension library
ii libxrender1 1:0.9.1-3 X Rendering Extension client libra
ii libxt6 1:1.0.2-2 X11 toolkit intrinsics library
ii wget 1.10.2-2 retrieves files from the web
ii zlib1g 1:1.2.3-13 compression library - runtime
Versions of packages flashplugin-nonfree recommends:
pn xfs <none> (no description available)
-- debconf information:
flashplugin-nonfree/not_exist:
flashplugin-nonfree/local:
flashplugin-nonfree/httpget: false
--- End Message ---
--- Begin Message ---
Yeeey, Debian stable has been updated ! :)
--- End Message ---
