Your message dated Tue, 12 Jan 2010 09:17:47 +0000
with message-id <e1nucsl-0008es...@ries.debian.org>
and subject line Bug#559782: fixed in centerim 4.22.9-1
has caused the Debian Bug report #559782,
regarding centerim: CVE-2008-4776
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
559782: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559782
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: centerim
Version: 4.22.7-1.1
Severity: important
Tags: security
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for libgadu. Centerim embeds libgadu, so it is affected.
CVE-2008-4776[0]:
| libgadu before 1.8.2 allows remote servers to cause a denial of
| service (crash) via a contact description with a large length, which
| triggers a buffer over-read.
If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4776
http://security-tracker.debian.org/tracker/CVE-2008-4776
--- End Message ---
--- Begin Message ---
Source: centerim
Source-Version: 4.22.9-1
We believe that the bug you reported is fixed in the latest version of
centerim, which is due to be installed in the Debian FTP archive:
centerim-common_4.22.9-1_all.deb
to main/c/centerim/centerim-common_4.22.9-1_all.deb
centerim-fribidi_4.22.9-1_i386.deb
to main/c/centerim/centerim-fribidi_4.22.9-1_i386.deb
centerim-utf8_4.22.9-1_i386.deb
to main/c/centerim/centerim-utf8_4.22.9-1_i386.deb
centerim_4.22.9-1.diff.gz
to main/c/centerim/centerim_4.22.9-1.diff.gz
centerim_4.22.9-1.dsc
to main/c/centerim/centerim_4.22.9-1.dsc
centerim_4.22.9-1_i386.deb
to main/c/centerim/centerim_4.22.9-1_i386.deb
centerim_4.22.9.orig.tar.gz
to main/c/centerim/centerim_4.22.9.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 559...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Dmitry E. Oboukhov <un...@debian.org> (supplier of updated centerim package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160
Format: 1.8
Date: Tue, 12 Jan 2010 10:57:29 +0300
Source: centerim
Binary: centerim-common centerim centerim-utf8 centerim-fribidi
Architecture: source all i386
Version: 4.22.9-1
Distribution: unstable
Urgency: high
Maintainer: Anibal Avelar <aave...@cofradia.org>
Changed-By: Dmitry E. Oboukhov <un...@debian.org>
Description:
centerim - A text-mode multi-protocol instant messenger client
centerim-common - A text-mode multi-protocol instant messenger client (data
files)
centerim-fribidi - A text-mode multi-protocol instant messenger client (Hebrew)
centerim-utf8 - A text-mode multi-protocol instant messenger client
Closes: 559782 564803
Changes:
centerim (4.22.9-1) unstable; urgency=high
.
* Added myself to uploaders list, centerim shouldn't be removed from
debian, closes: #564803.
* New upstream version (closes CVE-2008-4776), closes: #559782,
thanks for Michael Gilbert <michael.s.gilb...@gmail.com>.
* Standards-Version bumped to 3.8.3.
* Fixed warn-spam in section clean.
Checksums-Sha1:
a4e0e47a487210ad9c59c2e3c6b1fe220b659ef9 1524 centerim_4.22.9-1.dsc
ecf401ad476d644c7ee434a558ab0d88d55d5515 2436785 centerim_4.22.9.orig.tar.gz
92442603a7274d86f4c6122673b8ee2234d5f114 26173 centerim_4.22.9-1.diff.gz
d0d8a6772be9ade15de4815ccba35cecf98bdb8b 698340
centerim-common_4.22.9-1_all.deb
75ea46af08fffe70400db65fc6035bcaacdb90fe 1151742 centerim_4.22.9-1_i386.deb
f7f322d8261291682bfdc080f4eda234e548c239 1152576
centerim-utf8_4.22.9-1_i386.deb
6a516ed8e474cc5f56aca050a943556cf0fba024 1152664
centerim-fribidi_4.22.9-1_i386.deb
Checksums-Sha256:
e063b04fcc4933a41bf790dd041c5bde0b196b3b79c0ecd374a508a6ee79fd3e 1524
centerim_4.22.9-1.dsc
0dea0e789702504e0ad0faddfe040a36ca6b6b2cfe4273f527af048fe723602c 2436785
centerim_4.22.9.orig.tar.gz
8dbed419a438e34902090f48175ef0992c5176e77503d7f2fdc14c673634f16d 26173
centerim_4.22.9-1.diff.gz
b04c195c563db605323873140e56d4a48497fc4c6d41edd4b6ab38fca546d4ac 698340
centerim-common_4.22.9-1_all.deb
463dca286e502e8e189f23537eef01990b67d0ff6cfcfda257c86788e5359299 1151742
centerim_4.22.9-1_i386.deb
156caac16196ba7b32349c30907aadd00ac0725b62d43861428868321f94ddde 1152576
centerim-utf8_4.22.9-1_i386.deb
cc7361f613c4f53ca7b2acc480dedb1d996212bf0bfa3b53394ee9d10f647e2e 1152664
centerim-fribidi_4.22.9-1_i386.deb
Files:
5975a733f011252034a3f3f9e03b5097 1524 net optional centerim_4.22.9-1.dsc
40e1759eed097bdeff7d606a7688cf37 2436785 net optional
centerim_4.22.9.orig.tar.gz
45f38ad6cbc8974bcb94ede79b3eca04 26173 net optional centerim_4.22.9-1.diff.gz
d79c06cee3b2d0b6cfb5045651598331 698340 net optional
centerim-common_4.22.9-1_all.deb
9208165fcec4dcdd2ac6363b3348265d 1151742 net optional
centerim_4.22.9-1_i386.deb
5137f94df1dc905e73d1c0db5c189c92 1152576 net optional
centerim-utf8_4.22.9-1_i386.deb
b742fdd1ca8b587cffc9f582fd9a566a 1152664 net optional
centerim-fribidi_4.22.9-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEAREDAAYFAktMMdQACgkQq4wAz/jiZTd6VACfdAjqAN82YE0bdz1qrQJyICuD
rAAAn02pmVB+cViiTwFC/tUfBP1dkXKN
=a8DE
-----END PGP SIGNATURE-----
--- End Message ---
