Your message dated Mon, 25 Jul 2011 21:49:09 +0000
with message-id <e1qlt1r-0005pp...@franck.debian.org>
and subject line Bug#616114: fixed in polarssl 0.14.3-1
has caused the Debian Bug report #616114,
regarding man in the middle security issue
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
616114: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=616114
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: polarssl
Severity: serious
Tags: security
Hi,
The following report by PolarSSL upstream was brought to our attention:
https://lists.ubuntu.com/archives/ubuntu-motu/2011-February/007026.html
Unfortunately it doesn't disclose details. I'll contact the upstream
maintainer about that, but in any case a good start would be to
upload the new upstream to unstable. Are you able to do that?
Thanks,
Thijs
-- System Information:
Debian Release: 6.0
APT prefers oldstable
APT policy: (500, 'oldstable'), (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
--- End Message ---
--- Begin Message ---
Source: polarssl
Source-Version: 0.14.3-1
We believe that the bug you reported is fixed in the latest version of
polarssl, which is due to be installed in the Debian FTP archive:
libpolarssl-dev_0.14.3-1_i386.deb
to main/p/polarssl/libpolarssl-dev_0.14.3-1_i386.deb
libpolarssl-runtime_0.14.3-1_i386.deb
to main/p/polarssl/libpolarssl-runtime_0.14.3-1_i386.deb
libpolarssl0_0.14.3-1_i386.deb
to main/p/polarssl/libpolarssl0_0.14.3-1_i386.deb
polarssl_0.14.3-1.debian.tar.gz
to main/p/polarssl/polarssl_0.14.3-1.debian.tar.gz
polarssl_0.14.3-1.dsc
to main/p/polarssl/polarssl_0.14.3-1.dsc
polarssl_0.14.3.orig.tar.gz
to main/p/polarssl/polarssl_0.14.3.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 616...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Roland Stigge <sti...@antcom.de> (supplier of updated polarssl package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Mon, 25 Jul 2011 10:28:54 +0200
Source: polarssl
Binary: libpolarssl-dev libpolarssl-runtime libpolarssl0
Architecture: source i386
Version: 0.14.3-1
Distribution: unstable
Urgency: low
Maintainer: Roland Stigge <sti...@antcom.de>
Changed-By: Roland Stigge <sti...@antcom.de>
Description:
libpolarssl-dev - lightweight crypto and SSL/TLS library
libpolarssl-runtime - lightweight crypto and SSL/TLS library
libpolarssl0 - lightweight crypto and SSL/TLS library
Closes: 615247 616114 620983
Changes:
polarssl (0.14.3-1) unstable; urgency=low
.
* New upstream release (Closes: #616114)
* New maintainer (Closes: #615247)
* Fixed debian/watch, thanks to Mats Erik Andersson (Closes: #620983)
* debian/control: Standards-Version: 3.9.2
* Source format: 3.0 (quilt)
* Included binaries in libpolarssl-runtime
* Included shared library in libpolarssl0
* Added testsuite build/run to build process
Checksums-Sha1:
b4860354dc77a2475422ccb335db37b58b31e0b2 1052 polarssl_0.14.3-1.dsc
a19096888da2b550dbf9bacf14f7156c07825e55 335843 polarssl_0.14.3.orig.tar.gz
f537bb2b1547825a6bf98e2c251ebc304cc2cb2b 4110 polarssl_0.14.3-1.debian.tar.gz
d922d3c01c234e95804917b5992c4a52e58bc49f 142456
libpolarssl-dev_0.14.3-1_i386.deb
47dd11f8991418728e4bb3e43d3393dc96fa8f8b 838624
libpolarssl-runtime_0.14.3-1_i386.deb
e05f129f48291d23ad2799ca1cb2841ed0bac8b5 110712 libpolarssl0_0.14.3-1_i386.deb
Checksums-Sha256:
5d3c931b4c14752ac08dd79b56673dd8d7bb18c107d144bc50dfb15b0a21cfe5 1052
polarssl_0.14.3-1.dsc
ecde78bb94ec3b289d9d7a2842e0a43e5c6a74b9c32757ce88d724ce8145a486 335843
polarssl_0.14.3.orig.tar.gz
333dc6d7a4a752aaa5cb653d804625cd751d9f25ce692392f13a314c359abc46 4110
polarssl_0.14.3-1.debian.tar.gz
a1f5c8bed049c262095be12c5c911a5649e2a12186d01990d942f0eb232962eb 142456
libpolarssl-dev_0.14.3-1_i386.deb
186e1dd4df4c2d1adc87f745447fc91fadc5903ec38a971fb54b60ac64568cc5 838624
libpolarssl-runtime_0.14.3-1_i386.deb
f82fc9b82e4c3a4119eca9d9b55fabbe3ff7cf43b6c289a1a6abe283913b01d9 110712
libpolarssl0_0.14.3-1_i386.deb
Files:
7d4f4056d07af480a727bcdc4f691dba 1052 libs optional polarssl_0.14.3-1.dsc
f1b2fe9087ab64d7ea40a276a3628583 335843 libs optional
polarssl_0.14.3.orig.tar.gz
656b31e2814784ccb5c55676ce340065 4110 libs optional
polarssl_0.14.3-1.debian.tar.gz
6e8b01c2b810ba8e21e3253eeae08eb8 142456 libdevel optional
libpolarssl-dev_0.14.3-1_i386.deb
2d6a96a6db7248c1f315494afbf1538d 838624 libdevel optional
libpolarssl-runtime_0.14.3-1_i386.deb
e9b8b805962aac5febedfb04fae4e420 110712 libs optional
libpolarssl0_0.14.3-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFOLcoMcaH/YBv43g8RAvVHAKCYlv5PTxq2ZcunK3dAaNYGJoLv7wCg3rTX
t7sDEel5ZdCgnLkdPGjBy30=
=1deW
-----END PGP SIGNATURE-----
--- End Message ---
