Your message dated Sun, 29 May 2011 08:48:39 +0000
with message-id <e1qqbfr-0005ic...@franck.debian.org>
and subject line Bug#627042: fixed in nbd 1:2.9.22-1
has caused the Debian Bug report #627042,
regarding security flaw in 2.9.21
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
627042: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=627042
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: nbd-server
Version: 1:2.9.21-1
Severity: normal
Tags: security
nbd 2.9.21 contains a security issue in the negotiation phase (remote
DoS). It should not migrate, ever.
-- System Information:
Debian Release: wheezy/sid
APT prefers testing-proposed-updates
APT policy: (500, 'testing-proposed-updates'), (500, 'oldstable'), (500,
'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.38-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=nl_BE.UTF-8, LC_CTYPE=nl_BE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages nbd-server depends on:
ii adduser 3.112+nmu2 add and remove users and groups
ii debconf [debconf-2.0] 1.5.39 Debian configuration management sy
ii libc6 2.13-4 Embedded GNU C Library: Shared lib
ii libglib2.0-0 2.28.6-1 The GLib library of C routines
ii ucf 3.0025+nmu2 Update Configuration File: preserv
nbd-server recommends no packages.
nbd-server suggests no packages.
-- debconf information excluded
--- End Message ---
--- Begin Message ---
Source: nbd
Source-Version: 1:2.9.22-1
We believe that the bug you reported is fixed in the latest version of
nbd, which is due to be installed in the Debian FTP archive:
nbd-client-udeb_2.9.22-1_amd64.udeb
to main/n/nbd/nbd-client-udeb_2.9.22-1_amd64.udeb
nbd-client_2.9.22-1_amd64.deb
to main/n/nbd/nbd-client_2.9.22-1_amd64.deb
nbd-server_2.9.22-1_amd64.deb
to main/n/nbd/nbd-server_2.9.22-1_amd64.deb
nbd_2.9.22-1.dsc
to main/n/nbd/nbd_2.9.22-1.dsc
nbd_2.9.22-1.tar.gz
to main/n/nbd/nbd_2.9.22-1.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 627...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Wouter Verhelst <wou...@debian.org> (supplier of updated nbd package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sun, 29 May 2011 09:40:55 +0200
Source: nbd
Binary: nbd-server nbd-client nbd-client-udeb
Architecture: source amd64
Version: 1:2.9.22-1
Distribution: unstable
Urgency: low
Maintainer: Wouter Verhelst <wou...@debian.org>
Changed-By: Wouter Verhelst <wou...@debian.org>
Description:
nbd-client - Network Block Device protocol - client
nbd-client-udeb - Network Block Device protocol - client for Debian Installer
(udeb)
nbd-server - Network Block Device protocol - server
Closes: 557809 627042
Changes:
nbd (1:2.9.22-1) unstable; urgency=low
.
* New upstream release
- Fixes CVE-2011-1925; Closes: #627042.
- Fixes a number of data corruption bugs in the handling of oversized
requests.
- Has far better test suite coverage.
- Adds -d option to nbd-server to run non-detached; Closes: #557809.
Checksums-Sha1:
a58ff147728866ec5fc0ad7779cb52c0fa94a38f 1542 nbd_2.9.22-1.dsc
784da9b6bb3403f258924cffe88abdc50cde66b2 1041380 nbd_2.9.22-1.tar.gz
6ae991774901ffeaeaf08cfc60f53a8dc0bacf32 65998 nbd-server_2.9.22-1_amd64.deb
512dbd496f104a34d45b200b9e139b0e2964ffd8 54896 nbd-client_2.9.22-1_amd64.deb
c77a89eba2199f0240351ba089a591cc8d817fd4 7764
nbd-client-udeb_2.9.22-1_amd64.udeb
Checksums-Sha256:
888f0c2c8fec2e547b0d9082c087c4b90da6a3e28d35a3ac1a072a333f096860 1542
nbd_2.9.22-1.dsc
79b5b1ada333483f5a0a46006fefd07b68ef4c5e8d29eb46655fdae8344c946b 1041380
nbd_2.9.22-1.tar.gz
b0bb122b8ceaed9e2650b517f0f1b15c581e0da9194a5383cd548424275384dc 65998
nbd-server_2.9.22-1_amd64.deb
e90460e94134cc68e6b83868d53d90952cf1ea91f83e50fa2a73d0e06e8adc4d 54896
nbd-client_2.9.22-1_amd64.deb
c050eab121a9b805562408e44384b0d995321af5e81f6198a74142f0f77a9042 7764
nbd-client-udeb_2.9.22-1_amd64.udeb
Files:
7067bafc01a9748d759d97e37ead058f 1542 admin optional nbd_2.9.22-1.dsc
5a2f0755860466f290af48336fdfa549 1041380 admin optional nbd_2.9.22-1.tar.gz
1235a641b27265382c5c6f75a7dfbd99 65998 admin optional
nbd-server_2.9.22-1_amd64.deb
1c13b4cd8285e8c0cfaf723d766b889f 54896 admin optional
nbd-client_2.9.22-1_amd64.deb
12d6e448d776af0982bfb1f4bc14c22d 7764 debian-installer optional
nbd-client-udeb_2.9.22-1_amd64.udeb
Package-Type: udeb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBAgAGBQJN4gBdAAoJEMKUD5Ub3wqdzoUQALcsoWCHrRBOqsJf3u4UvCXq
w9oHiZ1bxZdAwHC1begz8KONK3sbcsPdqQkdh3JRa3atPOP4xnBTT5t98FPCMzi+
NA+FsdKUYjSDt8aErP6kAjWEpUo68TxRN9sBL6EdszD8llSvkpmnsV5W4fQ76G41
uxxmypeGnlwp7QjXX/40mdJZ666NUEyyAzem+dBLp6vXkeQc1l4lLZlbGRHW5s2V
pc4AojMqbp2uYbdiS/P1uE9MF8g9bnTxOpiW/m+UwZ5tRyAvb4EP+BXWrD6r9FBA
rzAFegyykSO//P16dxnlwk1JoHYv4oFa8GAB5XOe0QTpWts3m+4Yw1SbpPuZ6t6g
Np/0hBK5EwgiMzo+HeUnbwufkK+40sX+4VThdsBC/VyiblXzi16CfspfHxpRDkDR
9jqudI85WYUnDx5fOm9JeikST4Ho7bN87xJwEsRPpsr5IhU5Qex/c0WLQWV6gWcJ
4thXWEaeJdEpJ2W0hgkUMkJFFxCgu2GeoeVpCooqBvomK2JJGKqdFKfYY8mkSoic
D8iMcZhwv4XKv140Y8zCjzt/UljbcaAoarSlAU9EZ3FUOfGOLLWTaWMa6ZoxiOjT
5hYTUn18MCaovGukTtYflji0VCFT3mPVrMr0m/4YrZzUQTy2hhnlA+LvJb7QyehG
4mnM84OQuj5x4TiUz6WA
=CN96
-----END PGP SIGNATURE-----
--- End Message ---
