Bug#507587: marked as done (CVE-2008-5282,CVE-2008-6005,CVE-2009-0323: multiple buffer overflows)

Sat, 04 Apr 2009 02:45:24 -0700 

Your message dated Sat, 4 Apr 2009 09:35:04 +0100
with message-id <200904040835.n348z45o004...@kmos.homeip.net>
and subject line amaya has been removed from Debian, closing #507587
has caused the Debian Bug report #507587,
regarding CVE-2008-5282,CVE-2008-6005,CVE-2009-0323: multiple buffer overflows
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
507587: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507587
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Package: amaya
Severity: grave
Tags: security
Justification: user security hole

Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for amaya.

CVE-2008-5282[0]:
| Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0.1
| allow remote attackers to execute arbitrary code via (1) a link with a
| long HREF attribute, and (2) a DIV tag with a long id attribute.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

Cheers
Steffen

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5282
    http://security-tracker.debian.net/tracker/CVE-2008-5282

--- End Message ---
--- Begin Message --- 
Version: 10.1~pre4+dfsg.0-2+rm

The amaya package has been removed from Debian so we are closing
the bugs that were still opened against it.

For more information about this package's removal, read
http://bugs.debian.org/522418 . That bug might give the reasons why
this package was removed, and suggestions of possible replacements.

Don't hesitate to reply to this mail if you have any question.

Thank you for your contribution to Debian.

Kind regards,
--
Marco Rodrigues

--- End Message ---

Reply via email to