Bug#590769: marked as done (CVE-2010-2491: XSS)

[Debian Bug Tracking System]

Your message dated Fri, 30 Jul 2010 02:47:44 +0000
with message-id <e1oefdq-00045c...@franck.debian.org>
and subject line Bug#590769: fixed in roundup 1.4.13-3.1
has caused the Debian Bug report #590769,
regarding CVE-2010-2491: XSS
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
590769: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590769
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: roundup
Severity: grave
Tags: security

http://bugs.gentoo.org/show_bug.cgi?id=326395
http://roundup.svn.sourceforge.net/viewvc/roundup?view=revision&revision=4486

I'll look into an update.

Cheers,
        Moritz

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core)
Locale: LANG=C, lc_ctype=de_de.iso-8859...@euro (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash

Versions of packages roundup depends on:
ii  adduser                       3.112      add and remove users and groups
ii  python                        2.6.5-11   interactive high-level object-orie
ii  python-central                0.6.16     register and build utility for Pyt

roundup recommends no packages.

Versions of packages roundup suggests:
pn  libapache2-mod-python         <none>     (no description available)
pn  python-gdbm                   <none>     (no description available)
pn  python-mysqldb                <none>     (no description available)
pn  python-openssl                <none>     (no description available)
pn  python-psycopg2               <none>     (no description available)
pn  python-pyme                   <none>     (no description available)
pn  python-sqlite                 <none>     (no description available)
pn  python-tz                     <none>     (no description available)
pn  python-xapian                 <none>     (no description available)
pn  runit                         <none>     (no description available)

--- End Message ---

--- Begin Message ---

Source: roundup
Source-Version: 1.4.13-3.1

We believe that the bug you reported is fixed in the latest version of
roundup, which is due to be installed in the Debian FTP archive:

roundup_1.4.13-3.1.diff.gz
  to main/r/roundup/roundup_1.4.13-3.1.diff.gz
roundup_1.4.13-3.1.dsc
  to main/r/roundup/roundup_1.4.13-3.1.dsc
roundup_1.4.13-3.1_all.deb
  to main/r/roundup/roundup_1.4.13-3.1_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 590...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Moritz Muehlenhoff <j...@debian.org> (supplier of updated roundup package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 29 Jul 2010 21:52:01 -0400
Source: roundup
Binary: roundup
Architecture: source all
Version: 1.4.13-3.1
Distribution: unstable
Urgency: medium
Maintainer: Toni Mueller <t...@debian.org>
Changed-By: Moritz Muehlenhoff <j...@debian.org>
Description: 
 roundup    - an issue-tracking system
Closes: 590769
Changes: 
 roundup (1.4.13-3.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Fix CVE-2010-2491 (Closes: #590769)
Checksums-Sha1: 
 88c0f01d3729a462c8deeef64b1865a61d5a0ed3 1051 roundup_1.4.13-3.1.dsc
 2aa4b775bb2948de915c0ab7297ca7da569db53c 23521 roundup_1.4.13-3.1.diff.gz
 ac6423db25c651eb0923eae79c219ff55c3243d2 1356372 roundup_1.4.13-3.1_all.deb
Checksums-Sha256: 
 42f87f08784bd7466c368c2ada74b151f26a62fcb78cf522b0e05b963e748ef1 1051 
roundup_1.4.13-3.1.dsc
 a511f01435c54acefdc6c2c0367df0917b7f723ca45100bea4d4ad19cc2ffda9 23521 
roundup_1.4.13-3.1.diff.gz
 09de9a735eb4f483e570521ddbcb32ffef56a91bc84f9b91dd4ba88fcf37b56e 1356372 
roundup_1.4.13-3.1_all.deb
Files: 
 eae452bd2f43e34ef60402802bdb8b73 1051 web optional roundup_1.4.13-3.1.dsc
 94679bd3e4dcfbb94ee339844075a84c 23521 web optional roundup_1.4.13-3.1.diff.gz
 c8eed062855ddd006f6756749fe1e816 1356372 web optional 
roundup_1.4.13-3.1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkxSMH0ACgkQXm3vHE4uylrcpgCg03IMohLMT9F2gxalr0l3w1uq
Ks8Anj6fHa/J9KK9VV/HcKzxh3pS/ZEL
=5J+B
-----END PGP SIGNATURE-----

--- End Message ---