Your message dated Fri, 11 Sep 2009 19:56:57 +0000
with message-id <e1mmcer-0007ki...@ries.debian.org>
and subject line Bug#540657: fixed in serveez 0.1.5-2+etch1
has caused the Debian Bug report #540657,
regarding serveez: REMOTE BUFFER OVERFLOW
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
540657: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=540657
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Subject: serveez: REMOTE BUFFER OVERFLOW
Package: serveez
Version: 0.1.5-2.1
Severity: grave
Justification: user security hole
Tags: security
*** Please type your report below this line ***
I HAVE FOUND SERIOUS SATANIC SECURITY HOLE:
http://packetstormsecurity.nl/0908-exploits/serveez-overflow.txt
LVAC!
-- System Information:
Debian Release: 5.0.2
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.26-2-686 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages serveez depends on:
ii guile-1.6-libs 1.6.8-6.3 Main Guile libraries
ii libbz2-1.0 1.0.5-1 high-quality block-sorting file co
ii libc6 2.7-18 GNU C Library: Shared libraries
ii libguile-ltdl-1 1.6.8-6.3 Guile's patched version of libtool
ii libqthreads-12 1.6.8-6.3 QuickThreads library for Guile
ii libserveez-0.1.5 0.1.5-2.1 GNU Serveez server framework -- sh
ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime
serveez recommends no packages.
serveez suggests no packages.
-- no debconf information
serveez.cfg
Description: Binary data
--- End Message ---
--- Begin Message ---
Source: serveez
Source-Version: 0.1.5-2+etch1
We believe that the bug you reported is fixed in the latest version of
serveez, which is due to be installed in the Debian FTP archive:
libserveez-0.1.5_0.1.5-2+etch1_amd64.deb
to pool/main/s/serveez/libserveez-0.1.5_0.1.5-2+etch1_amd64.deb
libserveez-dev_0.1.5-2+etch1_amd64.deb
to pool/main/s/serveez/libserveez-dev_0.1.5-2+etch1_amd64.deb
serveez-doc_0.1.5-2+etch1_all.deb
to pool/main/s/serveez/serveez-doc_0.1.5-2+etch1_all.deb
serveez_0.1.5-2+etch1.diff.gz
to pool/main/s/serveez/serveez_0.1.5-2+etch1.diff.gz
serveez_0.1.5-2+etch1.dsc
to pool/main/s/serveez/serveez_0.1.5-2+etch1.dsc
serveez_0.1.5-2+etch1_amd64.deb
to pool/main/s/serveez/serveez_0.1.5-2+etch1_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 540...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Andreas Rottmann <ro...@debian.org> (supplier of updated serveez package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 07 Sep 2009 14:59:49 +0200
Source: serveez
Binary: libserveez-0.1.5 serveez-doc serveez libserveez-dev
Architecture: source amd64 all
Version: 0.1.5-2+etch1
Distribution: oldstable
Urgency: high
Maintainer: Andreas Rottmann <ro...@debian.org>
Changed-By: Andreas Rottmann <ro...@debian.org>
Description:
libserveez-0.1.5 - GNU Serveez server framework -- shared library
libserveez-dev - GNU Serveez server framework -- development files
serveez - GNU Serveez server framework -- server executable
serveez-doc - GNU Serveez server framework -- documentation
Closes: 424263 540657
Changes:
serveez (0.1.5-2+etch1) oldstable; urgency=high
.
* Applied patch to fix HTTP remote buffer overflow (closes: #540657).
* Removed config.status from .diff.gz.
* Applied changes from 0.1.5-2.1 (lenny) to fix build:
- Corrected DISTCLEANFILES in doc/Makefile.{am,in} to fix FTBFS if built
twice in a row (patch by Chris Lamb) (closes: #424263).
- Don't use ${description} substitution variable in debian/control.
Files:
a4ce7f4dd1b3367eb5e7641e57d98e7b 693 devel optional serveez_0.1.5-2+etch1.dsc
505e435719cf510d7f4394e9761c0e86 3133 devel optional
serveez_0.1.5-2+etch1.diff.gz
2f65044f021d106e45e9c5c31fab6a1f 214314 doc optional
serveez-doc_0.1.5-2+etch1_all.deb
3257322cc98962907237a86326209a3b 143438 net optional
serveez_0.1.5-2+etch1_amd64.deb
1fb9e112227bc0bd159a100de9548ecc 128292 devel optional
libserveez-dev_0.1.5-2+etch1_amd64.deb
4fee4e24991dc0f988c188111a3772fc 86738 libs optional
libserveez-0.1.5_0.1.5-2+etch1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkqpOfoACgkQIsgn9zWpkufKiQCffAo0hasD9fmedPxzuU0eFnxQ
ssIAnRAA5ywwRPo5thm74tEVWmBiVe9e
=0KC/
-----END PGP SIGNATURE-----
--- End Message ---
