Bug#590768: marked as done (CVE-2010-2266: Denial of service)

Thu, 29 Jul 2010 08:09:22 -0700 

Your message dated Thu, 29 Jul 2010 11:05:54 -0400
with message-id <20100729150553.ga2...@galadriel.inutil.org>
and subject line Re: Bug#590768: CVE-2010-2266: Denial of service
has caused the Debian Bug report #590768,
regarding CVE-2010-2266: Denial of service
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
590768: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590768
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Package: nginx
Severity: grave
Tags: security

Please see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2266

There's no further information so far. Probably upstream should be
contacted next.

Cheers,
        Moritz

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core)
Locale: LANG=C, lc_ctype=de_de.iso-8859...@euro (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash

Versions of packages nginx depends on:
ii  libc6                   2.11.2-2         Embedded GNU C Library: Shared lib
ii  libpcre3                8.02-1           Perl 5 Compatible Regular Expressi
ii  libssl0.9.8             0.9.8o-1         SSL shared libraries
ii  zlib1g                  1:1.2.3.4.dfsg-3 compression library - runtime

nginx recommends no packages.

nginx suggests no packages.

--- End Message ---
--- Begin Message --- 
On Thu, Jul 29, 2010 at 10:16:08AM +0530, Kartik Mistry wrote:
> On Thu, Jul 29, 2010 at 10:02 AM, Moritz Muehlenhoff <j...@debian.org> wrote:
> > Please see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2266
> >
> > There's no further information so far. Probably upstream should be
> > contacted next.
> 
> Thanks a lot. Since, we don't have 0.8.36 in Debian - I'll quickly
> contact upstream now if this is affected to package in Debian or not!

Ok. I've updated the Security Tracker, closing the bug, then.

Cheers,
       Moritz

--- End Message ---

Reply via email to