Your message dated Fri, 23 Sep 2005 17:09:42 -0400
with message-id <[EMAIL PROTECTED]>
and subject line mantis vuln
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 27 Jul 2005 22:59:13 +0000
>From [EMAIL PROTECTED] Wed Jul 27 15:59:13 2005
Return-path: <[EMAIL PROTECTED]>
Received: from smtp108.mail.sc5.yahoo.com [66.163.170.6]
by spohr.debian.org with smtp (Exim 3.36 1 (Debian))
id 1Dxurp-0001j8-00; Wed, 27 Jul 2005 15:59:13 -0700
Received: (qmail 118 invoked from network); 27 Jul 2005 22:59:12 -0000
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
s=s1024; d=yahoo.es;
h=Received:Subject:From:To:Content-Type:Date:Message-Id:Mime-Version:X-Mailer;
b=PVqWv1pro2FzrLcWFxxYVqqO4w27ovFMoXT8ueUOa33NCwmzBtVyvDoDzvd6zSdWrXhzyTUV1uk8NIcX9cI4ua9bqpl0tZgRF2vSj2p4IhhlpdrcSlK5PkT1gX3RofUBnGmo4EMpL1VF84iSVM9+SfpEW3GxC6pYmd/ZnF/o22k=
;
Received: from unknown (HELO ?192.168.1.5?) ([EMAIL PROTECTED] with plain)
by smtp108.mail.sc5.yahoo.com with SMTP; 27 Jul 2005 22:59:11 -0000
Subject: Various security problems in Mantis Bugtracker
From: Joxean Koret <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="=-qdxGrEjpux3e6M1W4cBf"
Date: Thu, 28 Jul 2005 01:13:27 +0200
Message-Id: <[EMAIL PROTECTED]>
Mime-Version: 1.0
X-Mailer: Evolution 2.0.4
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
--=-qdxGrEjpux3e6M1W4cBf
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
Package: mantis
Version: 0.19.2-3
Severity: grave
Justification: user security hole
Various security problems were fixed in the latest releases of Mantis
Bugtracker: 1.0.0RC1 and 1.0.0RC2. We need patches for these issues.
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.11-1-386
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=3DISO-8859-15)
Versions of packages mantis depends on:
ii apache [httpd] 1.3.33-6 versatile, high-performance
HTTP s
ii debconf 1.4.30.13 Debian configuration
management sy
ii grep 2.5.1.ds1-4 GNU grep, egrep and fgrep
ii libapache-mod-php4 4:4.3.10-15 server-side, HTML-embedded
scripti
ii libphp-adodb 4.52-1 The 'adodb' database
abstraction l
ii makepasswd 1.10-2 Generate and encrypt
passwords
ii mysql-client 4.0.24-10 mysql database client
binaries
ii php4-cgi 4:4.3.10-15 server-side, HTML-embedded
scripti
ii php4-cli 4:4.3.10-15 command-line interpreter
for the p
ii php4-mysql 4:4.3.10-15 MySQL module for php4
ii wwwconfig-common 0.0.43 Debian web auto
configuration
-- debconf information excluded
--=-qdxGrEjpux3e6M1W4cBf
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: Esta parte del mensaje =?ISO-8859-1?Q?est=E1?= firmada
digitalmente
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQBC6BUXU6rFMEYDrlERArPsAJ9IHcCZo1wJznDDbBeRl72+G5twyQCdF5Ik
oBeJpnC2EnBIM115OSQFeqI=
=Djm7
-----END PGP SIGNATURE-----
--=-qdxGrEjpux3e6M1W4cBf--
______________________________________________
Renovamos el Correo Yahoo!
Nuevos servicios, más seguridad
http://correo.yahoo.es
---------------------------------------
Received: (at 320262-done) by bugs.debian.org; 23 Sep 2005 21:09:22 +0000
>From [EMAIL PROTECTED] Fri Sep 23 14:09:22 2005
Return-path: <[EMAIL PROTECTED]>
Received: from mouth.voxel.net (mail.squishy.cc) [69.9.180.118] (postfix)
by spohr.debian.org with esmtp (Exim 3.36 1 (Debian))
id 1EIunK-000240-00; Fri, 23 Sep 2005 14:09:22 -0700
Received: from [192.168.2.130] (c-66-30-8-54.hsd1.ma.comcast.net [66.30.8.54])
by mail.squishy.cc (Postfix) with ESMTP id 24AD4589800B;
Fri, 23 Sep 2005 17:09:28 -0400 (EDT)
Subject: mantis vuln
From: Andres Salomon <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Content-Type: text/plain
Date: Fri, 23 Sep 2005 17:09:42 -0400
Message-Id: <[EMAIL PROTECTED]>
Mime-Version: 1.0
X-Mailer: Evolution 2.2.3
Content-Transfer-Encoding: 7bit
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-3.0 required=4.0 tests=BAYES_00 autolearn=no
version=2.60-bugs.debian.org_2005_01_02
X-CrossAssassin-Score: 2
The original submitter was referring to this:
http://secunia.com/advisories/16506/
This has been fixed in unstable, testing, and stable, so I'm closing
this.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
