Your message dated Sat, 19 Sep 2009 11:02:09 +0000
with message-id <e1moxhh-0003ij...@ries.debian.org>
and subject line Bug#547390: fixed in libfwbuilder 3.0.7-1
has caused the Debian Bug report #547390,
regarding libfwbuilder8: Security issue with temporary file handling
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
547390: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=547390
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libfwbuilder8
Version: 3.0.5-1
Severity: grave
Tags: security
Justification: user security hole
Upstream says:
This release [3.0.7] fixes security issue with temporary file handling
in the generated iptables script that affects only Linux systems where
Firewall Builder is used to generate static routing configuration.
The problem was introduced in v3.0.4 and is now fixed.
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (600, 'testing'), (500, 'unstable'), (500, 'stable'), (1,
'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.30-1-686-bigmem (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages libfwbuilder8 depends on:
ii libc6 2.9-25 GNU C Library: Shared
libraries
ii libgcc1 1:4.4.1-1 GCC support library
ii libsnmp15 5.4.1~dfsg-12 SNMP (Simple Network
Management Pr
ii libstdc++6 4.4.1-1 The GNU Standard C++
Library v3
ii libxml2 2.7.4.dfsg-2 GNOME XML library
ii libxslt1.1 1.1.24-2 XSLT processing library -
runtime
ii zlib1g 1:1.2.3.3.dfsg-15 compression library -
runtime
libfwbuilder8 recommends no packages.
libfwbuilder8 suggests no packages.
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: libfwbuilder
Source-Version: 3.0.7-1
We believe that the bug you reported is fixed in the latest version of
libfwbuilder, which is due to be installed in the Debian FTP archive:
libfwbuilder-dev_3.0.7-1_i386.deb
to pool/main/libf/libfwbuilder/libfwbuilder-dev_3.0.7-1_i386.deb
libfwbuilder8-dbg_3.0.7-1_i386.deb
to pool/main/libf/libfwbuilder/libfwbuilder8-dbg_3.0.7-1_i386.deb
libfwbuilder8_3.0.7-1_i386.deb
to pool/main/libf/libfwbuilder/libfwbuilder8_3.0.7-1_i386.deb
libfwbuilder_3.0.7-1.diff.gz
to pool/main/libf/libfwbuilder/libfwbuilder_3.0.7-1.diff.gz
libfwbuilder_3.0.7-1.dsc
to pool/main/libf/libfwbuilder/libfwbuilder_3.0.7-1.dsc
libfwbuilder_3.0.7.orig.tar.gz
to pool/main/libf/libfwbuilder/libfwbuilder_3.0.7.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 547...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Sylvestre Ledru <sylves...@debian.org> (supplier of updated libfwbuilder
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sat, 19 Sep 2009 01:46:39 +0200
Source: libfwbuilder
Binary: libfwbuilder-dev libfwbuilder8 libfwbuilder8-dbg
Architecture: source i386
Version: 3.0.7-1
Distribution: unstable
Urgency: high
Maintainer: Sylvestre Ledru <sylves...@debian.org>
Changed-By: Sylvestre Ledru <sylves...@debian.org>
Description:
libfwbuilder-dev - Firewall Builder API library development files
libfwbuilder8 - Firewall Builder API library
libfwbuilder8-dbg - Firewall Builder API library (debugging version)
Closes: 547390
Changes:
libfwbuilder (3.0.7-1) unstable; urgency=high
.
* New upstream version
* This new version fixes a security issue described in the bug report
(Closes: #547390)
* libfwbuilder8-dbg moved to Section: debug
Checksums-Sha1:
17a578e251af27794161e9b807bdebd5e3eda2c8 1299 libfwbuilder_3.0.7-1.dsc
d923541e52d1919eaa56575bdea6ab01e81ab36a 540834 libfwbuilder_3.0.7.orig.tar.gz
acfec87b1ce3a8064f1014ecad6c404fdb1f79ca 5553 libfwbuilder_3.0.7-1.diff.gz
711435a14c1764b51a7817788bc69ac1eb6992a9 128274
libfwbuilder-dev_3.0.7-1_i386.deb
2f17b569967006cc0965a7ab6300709bd449a55c 576228 libfwbuilder8_3.0.7-1_i386.deb
0820fb341a4878e467012b6aa39db7deb4c19b3a 2122064
libfwbuilder8-dbg_3.0.7-1_i386.deb
Checksums-Sha256:
811efa851541eac8e9bbe79d26de1767c1cbfc626a483643f9417ae40d4f8e7d 1299
libfwbuilder_3.0.7-1.dsc
b6dedda5af79e4594d5a13fa24c861da36adf33636c0e9586ad5744a272d6fde 540834
libfwbuilder_3.0.7.orig.tar.gz
a44f07ccf63e89271301893e66541dbf088b2716cedcf5049516c7675c50029c 5553
libfwbuilder_3.0.7-1.diff.gz
a0165087c4d013c40ee05f3aad7c422c727af6f019c89bd93703d9372101ce0a 128274
libfwbuilder-dev_3.0.7-1_i386.deb
1de7bb39934ee4a6ba991a08bc6c82b73d366791dabb744daa022b48815cc055 576228
libfwbuilder8_3.0.7-1_i386.deb
0582a363dcbaa1718a7fda93dc2834d5df8ffb553bfad80932e653ce1b02e4f0 2122064
libfwbuilder8-dbg_3.0.7-1_i386.deb
Files:
efeff20741a598e9e2efe2e120778314 1299 libs optional libfwbuilder_3.0.7-1.dsc
70632afb9f276ac248b13b08f06db85a 540834 libs optional
libfwbuilder_3.0.7.orig.tar.gz
b197e3a4fc31668c24cf60db003b2782 5553 libs optional
libfwbuilder_3.0.7-1.diff.gz
5083821e7a24acda0bf34dd70e176d84 128274 libdevel optional
libfwbuilder-dev_3.0.7-1_i386.deb
e5721f01d020d98785ffd55c432dff98 576228 libs optional
libfwbuilder8_3.0.7-1_i386.deb
6db25776d6ece20106b75b5dcce6b102 2122064 debug extra
libfwbuilder8-dbg_3.0.7-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkq0thcACgkQiOXXM92JlhB5twCfciS9MqGV3SYdthnO2gCH/A/H
nYIAnRJLx4fh/1d0sDzMGaT4txrAEMF1
=phxU
-----END PGP SIGNATURE-----
--- End Message ---
