Your message dated Sun, 06 Dec 2009 10:50:11 +0000
with message-id <1260096611.869333.3408.nullmai...@kmos.homeip.net>
and subject line Package twiki has been removed from Debian
has caused the Debian Bug report #526258,
regarding CVE-2009-1339: CSRF Vulnerability with Image Tag
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
526258: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526258
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: twiki
Version: 1:4.0.5-9.1etch1
Severity: grave
Tags: security
Justification: user security hole
FYI, Twiki in oldstable is affected by a security vulnerability :
http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2009-1339
AFAIK, there's no patch available for old versions.
Best regards,
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'testing-proposed-updates')
Architecture: i386 (i686)
Kernel: Linux 2.6.29-1-686 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages twiki depends on:
ii apache2.2-common 2.2.11-3 Apache HTTP Server common files
ii debconf [debconf-2.0] 1.5.26 Debian configuration management sy
pn libalgorithm-diff-perl <none> (no description available)
ii libcgi-session-perl 4.41-1 persistent session data in CGI app
ii libdigest-sha1-perl 2.11-2+b1 NIST SHA-1 message digest algorith
ii liberror-perl 0.17-1 Perl module for error/exception ha
ii libhtml-parser-perl 3.60-1 collection of modules that parse H
pn liblocale-maketext-lexicon-p <none> (no description available)
pn libtext-diff-perl <none> (no description available)
ii liburi-perl 1.37+dfsg-1 Manipulates and accesses URI strin
ii perl [libmime-base64-perl] 5.10.0-19 Larry Wall's Practical Extraction
ii perl-modules [libnet-perl] 5.10.0-19 Core Perl modules
ii rcs 5.7-24 The GNU Revision Control System
twiki recommends no packages.
Versions of packages twiki suggests:
pn libunicode-maputf8-perl <none> (no description available)
--- End Message ---
--- Begin Message ---
Version: 1:4.1.2-5+rm
You filled the bug http://bugs.debian.org/526258 in Debian BTS
against the package twiki. I'm closing it at *unstable*, but it will
remain open for older distributions.
For more information about this package's removal, read
http://bugs.debian.org/559353. That bug might give the reasons why
this package was removed and suggestions of possible replacements.
Don't hesitate to reply to this mail if you have any question.
Thank you for your contribution to Debian.
--
Marco Rodrigues
--- End Message ---
