Bug#587039: marked as done (ziproxy: CVE-2010-2350)

Sun, 27 Jun 2010 02:57:26 -0700 

Your message dated Sun, 27 Jun 2010 09:56:30 +0000
with message-id <e1osobg-0003sm...@ries.debian.org>
and subject line Bug#587039: fixed in ziproxy 3.1.1-1
has caused the Debian Bug report #587039,
regarding ziproxy: CVE-2010-2350
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
587039: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=587039
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Package: ziproxy
Severity: grave
Tags: security
Justification: user security hole

A new security issue has been introduced in 3.1.0:      
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2350          
                                                    
Cheers,      
       Moritz

-- System Information:
Debian Release: 5.0.4
  APT prefers stable
  APT policy: (990, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.18 (SMP w/1 CPU core)
Locale: lang=de_de.ut...@euro, lc_ctype=de_de.ut...@euro (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

--- End Message ---
--- Begin Message --- 
Source: ziproxy
Source-Version: 3.1.1-1

We believe that the bug you reported is fixed in the latest version of
ziproxy, which is due to be installed in the Debian FTP archive:

ziproxy_3.1.1-1.debian.tar.gz
  to main/z/ziproxy/ziproxy_3.1.1-1.debian.tar.gz
ziproxy_3.1.1-1.dsc
  to main/z/ziproxy/ziproxy_3.1.1-1.dsc
ziproxy_3.1.1-1_i386.deb
  to main/z/ziproxy/ziproxy_3.1.1-1_i386.deb
ziproxy_3.1.1.orig.tar.bz2
  to main/z/ziproxy/ziproxy_3.1.1.orig.tar.bz2



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 587...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Marcos Talau <ta...@users.sourceforge.net> (supplier of updated ziproxy package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 25 Jun 2010 21:29:00 -0300
Source: ziproxy
Binary: ziproxy
Architecture: source i386
Version: 3.1.1-1
Distribution: unstable
Urgency: low
Maintainer: Marcos Talau <ta...@users.sourceforge.net>
Changed-By: Marcos Talau <ta...@users.sourceforge.net>
Description: 
 ziproxy    - compressing HTTP proxy server
Closes: 587039
Changes: 
 ziproxy (3.1.1-1) unstable; urgency=low
 .
   * New upstream release (Closes: #587039) [CVE-2010-2350]
     - Thanks to Moritz Muehlenhoff
   * debian/patches/02_ziproxy_genhtml_stats-bashism.diff
     - Removed, merged upstream.
   * debian/control
     - Renamed Vcs* address
   * debian/patches/02_ziproxy_3.1.1_speedup.diff
     - New patch for fix CPU load problem
   * debian/ziproxy.init
     - Removed $local_fs from Required-{Start,Stop}
Checksums-Sha1: 
 119b84c1c66c3ed5fe43171b71c9c9b383446c01 1892 ziproxy_3.1.1-1.dsc
 c75058fcee5f8bc1cea035d1868ae40e53514393 260604 ziproxy_3.1.1.orig.tar.bz2
 159cd36cb44e8d612c37a15b49b494a03cf4daba 7806 ziproxy_3.1.1-1.debian.tar.gz
 fad2cd88b84c266df5995b9a6e2902b52a4c83aa 125094 ziproxy_3.1.1-1_i386.deb
Checksums-Sha256: 
 5fd3bdb67247021e3e4cf2297c8a8dfa11aa227b9289288ef5d0acc233a129e2 1892 
ziproxy_3.1.1-1.dsc
 8066037eb7a82dc140286ac0e58c81d36da8bc1c76f2699cd0c44f8a631f93b2 260604 
ziproxy_3.1.1.orig.tar.bz2
 4e49883a1e8e395ab7b32ec2d5a93e9cbe3696b20f9a2966fcf5029bf51985f2 7806 
ziproxy_3.1.1-1.debian.tar.gz
 900fbdee98ea150a10caaf2889ef9bad3d7199a82f67aeb6025c8bc1f0972dcb 125094 
ziproxy_3.1.1-1_i386.deb
Files: 
 31a8742789f70285c63a97219bde1cfc 1892 net extra ziproxy_3.1.1-1.dsc
 acbec584995b92d12fd44a0a1cff6046 260604 net extra ziproxy_3.1.1.orig.tar.bz2
 6ba1733522abeb8ece0eea81608a9515 7806 net extra ziproxy_3.1.1-1.debian.tar.gz
 890a775e62ef331fe59709d2ec6db78d 125094 net extra ziproxy_3.1.1-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQIcBAEBCgAGBQJMJw41AAoJEKv/7bJACMb5CBkP/jUqIt4sTqtdW50gLTId4mj6
zDmfVxvtVQX/xmQFXqrpUYATVr4rERO6QQCJsgKg9VJlUwJbc040ssSHFmzO8axW
7eez/sbbjjz77jwXFdcS/DrFKuX63PT29Ea40pwtoRQEnLAEdpimJfzQf7Lw9g+2
WUV2fyVrdKE+qcYVLAOj3HQC2zkFY61cNHEDF1h3pwYi1Bvm++3iCRYOhfQP9KMp
ntQ9uxlcLocS1eQD7ygUhK+QYy/cYPh18eu4p8w6UdO/ySlw2aHxtvBFE5NkNsH6
fKeoBOrFaRbUw2NDiM53G1C1Iw/LtPYIldOIc3g9O2Mo7CqlSobi4HIwZ9qqqYCQ
lH/oIDo7pROq1MFkYVGhH4HT5vH9rZaw8us6x+mzNX7HnIzNnEf2DNkGmsd+Qp4k
mvsX7pvn296q+IlqD80X4VcpU4AmVY2LtKOePehc61xWkA92qMj2wIktwAjfVxrw
KiHtneAmEULUtLzfYjCEC59f6+BcYUZnEVG+uQTrCnW4k7TBthRrSPPtox26ULfQ
Bj/w8siQAvyShdbaZOIUgekJienA1zJGxSZQ+48fyQKdIaOQ+SIJao7qjzgctCF1
9lh4mRKOkVvxgNeNw4iU8DoU/Tt68MSB03bNX1ZHrGrBFl57ZQ8O7cboDvgLf0/3
sR9GA13lJsLBX1vJzXFi
=8c/H
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to