Your message dated Fri, 04 Sep 2009 18:32:13 +0000
with message-id <e1mjda1-00065l...@ries.debian.org>
and subject line Bug#535946: fixed in libio-socket-ssl-perl 1.16-1+lenny1
has caused the Debian Bug report #535946,
regarding libio-socket-ssl-perl: incorrect validation of hostnames
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
535946: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=535946
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
package: libio-socket-ssl-perl
version: 1.01-1
severity: serious
tags: security , patch
a security issue has been fixed in the latest upstream version of
libio-socket-ssl-perl [0]. see patch [1]. please coordinate with the
security team to prepare updates for the stable releases. thank you.
[0] https://bugzilla.redhat.com/show_bug.cgi?id=509819
[1]
http://search.cpan.org/diff?from=IO-Socket-SSL-1.25&to=IO-Socket-SSL-1.26&w=1
--- End Message ---
--- Begin Message ---
Source: libio-socket-ssl-perl
Source-Version: 1.16-1+lenny1
We believe that the bug you reported is fixed in the latest version of
libio-socket-ssl-perl, which is due to be installed in the Debian FTP archive:
libio-socket-ssl-perl_1.16-1+lenny1.dsc
to
pool/main/libi/libio-socket-ssl-perl/libio-socket-ssl-perl_1.16-1+lenny1.dsc
libio-socket-ssl-perl_1.16-1+lenny1.tar.gz
to
pool/main/libi/libio-socket-ssl-perl/libio-socket-ssl-perl_1.16-1+lenny1.tar.gz
libio-socket-ssl-perl_1.16-1+lenny1_all.deb
to
pool/main/libi/libio-socket-ssl-perl/libio-socket-ssl-perl_1.16-1+lenny1_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 535...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Dominic Hargreaves <d...@earth.li> (supplier of updated libio-socket-ssl-perl
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Tue, 11 Aug 2009 18:24:16 +0100
Source: libio-socket-ssl-perl
Binary: libio-socket-ssl-perl
Architecture: source all
Version: 1.16-1+lenny1
Distribution: stable
Urgency: low
Maintainer: Debian Perl Group <pkg-perl-maintain...@lists.alioth.debian.org>
Changed-By: Dominic Hargreaves <d...@earth.li>
Description:
libio-socket-ssl-perl - Perl module implementing object oriented interface to
SSL sockets
Closes: 535946 536017
Changes:
libio-socket-ssl-perl (1.16-1+lenny1) stable; urgency=low
.
* Fix partial hostname matching security vulnerability (closes: #535946)
* Add myself to Uploaders
* Disable tests which rely on expired test cert to fix FTBFS
(closes: #536017)
Checksums-Sha1:
1149202c5bd5308c35e2d9e2bcc84a52756b2c4c 1274
libio-socket-ssl-perl_1.16-1+lenny1.dsc
84d258a7b93ba0948f49cbb835236149fb821aed 66657
libio-socket-ssl-perl_1.16-1+lenny1.tar.gz
f33524d4cb5a206bb90447eebabec752b12bdc86 54164
libio-socket-ssl-perl_1.16-1+lenny1_all.deb
Checksums-Sha256:
17ee0b66a16419cd21a11e92a0985e101bde4fb9e8921e3476a1ec32f2f17ee0 1274
libio-socket-ssl-perl_1.16-1+lenny1.dsc
82c7da801659a051379e738397adfa68cd2d6c41a443a8ce73f75f2aee91f67e 66657
libio-socket-ssl-perl_1.16-1+lenny1.tar.gz
2bd92e546fb2553bc1cf6929ae1d7ca90b023cab0b697b051c669be3a68cd709 54164
libio-socket-ssl-perl_1.16-1+lenny1_all.deb
Files:
74ae898b46bc011d57d0e0d500d69b7d 1274 perl optional
libio-socket-ssl-perl_1.16-1+lenny1.dsc
ac655ae7e48c517ee2e0d242c20e655b 66657 perl optional
libio-socket-ssl-perl_1.16-1+lenny1.tar.gz
b833a924b7b779637c590fbbee5c4911 54164 perl optional
libio-socket-ssl-perl_1.16-1+lenny1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFKgaofYzuFKFF44qURAhl5AKDboh54D+/lxs7jQQE0NA0d+5GoaQCgjkvO
sOvYbShNGJozm9XQ9Nsb68Y=
=pPea
-----END PGP SIGNATURE-----
--- End Message ---
