Bug#659899: marked as done (CVE-2011-0790: XSS)

[Debian Bug Tracking System]

Your message dated Tue, 14 Feb 2012 19:03:45 +0000
with message-id <e1rxnff-0000cf...@franck.debian.org>
and subject line Bug#659899: fixed in smokeping 2.6.7-1
has caused the Debian Bug report #659899,
regarding CVE-2011-0790: XSS
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
659899: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659899
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: smokeping
Severity: grave
Tags: security

This has been assigned CVE-2011-0790:
http://holisticinfosec.org/content/view/188/45/

Patch:
https://bugzilla.redhat.com/attachment.cgi?id=556619&action=diff&context=patch&collapsed=&headers=1&format=raw

Cheers,
        Moritz

--- End Message ---

--- Begin Message ---

Source: smokeping
Source-Version: 2.6.7-1

We believe that the bug you reported is fixed in the latest version of
smokeping, which is due to be installed in the Debian FTP archive:

smokeping_2.6.7-1.debian.tar.gz
  to main/s/smokeping/smokeping_2.6.7-1.debian.tar.gz
smokeping_2.6.7-1.dsc
  to main/s/smokeping/smokeping_2.6.7-1.dsc
smokeping_2.6.7-1_all.deb
  to main/s/smokeping/smokeping_2.6.7-1_all.deb
smokeping_2.6.7.orig.tar.gz
  to main/s/smokeping/smokeping_2.6.7.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 659...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Antoine Beaupré <anar...@debian.org> (supplier of updated smokeping package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 14 Feb 2012 13:30:29 -0500
Source: smokeping
Binary: smokeping
Architecture: source all
Version: 2.6.7-1
Distribution: unstable
Urgency: high
Maintainer: Antoine Beaupré <anar...@debian.org>
Changed-By: Antoine Beaupré <anar...@debian.org>
Description: 
 smokeping  - latency logging and graphing system
Closes: 659899
Changes: 
 smokeping (2.6.7-1) unstable; urgency=high
 .
   * New upstream release to fix CVE-2012-0790 (Closes: #659899)
Checksums-Sha1: 
 5f69d2c67ba4ce69c170a62f6791820e677ba354 2095 smokeping_2.6.7-1.dsc
 2f03211f6bfca8cf35e8fdb04aaafec8bacbe537 411650 smokeping_2.6.7.orig.tar.gz
 fa3995f22b884f4e917a0ce2d9a586455aec62ff 21432 smokeping_2.6.7-1.debian.tar.gz
 65484512035ffb4eb4cf3ad28c581fccd6842a72 425616 smokeping_2.6.7-1_all.deb
Checksums-Sha256: 
 099a4a67ed78effb0630d2059002436a9154b310e22f67b5a6724f98002a640e 2095 
smokeping_2.6.7-1.dsc
 410c564a02f9bc816aa3cd22e91a99bb64a55adebd221f2c6d61b5d67a824611 411650 
smokeping_2.6.7.orig.tar.gz
 5e10066b3efd7a209377eafa53ee1cabad52c4ba9284d170ee30e2fef50a1aa3 21432 
smokeping_2.6.7-1.debian.tar.gz
 54f7cfab925f6f1788abda5a72d635dce81b8c9b1effc59e259ec4f33697cb92 425616 
smokeping_2.6.7-1_all.deb
Files: 
 d84c07b5dd97dbccec5cfc5bf4cd2ff8 2095 net extra smokeping_2.6.7-1.dsc
 3aeedd7cc030194241224872f8ca8ef3 411650 net extra smokeping_2.6.7.orig.tar.gz
 f9837d128d4cadbeabb9bf63933904d3 21432 net extra 
smokeping_2.6.7-1.debian.tar.gz
 65520fb1525c57d89812a85c87952bd2 425616 net extra smokeping_2.6.7-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBCAAGBQJPOqztAAoJEHkhUlJ7dZIe+VMQAKGqZCv4nzVdJVluNpdQOcDZ
EGgu2z41udv22ev+qcguAvf4bCNJo9GXBa8GNyH/l6ssiGXGsdmBw92Rs7/7ILCG
w13F/R5HZyZ9w2Jrow0cIO3qfUyJCscxLnXw9yMvQCwik1+nEgF2H8bjLQjGV7gr
JX1kUA2V5NQYq16WiRCg60AJeovgda87wSGIe6s7Y9ucV9ocE0sMFU599PxCNgC0
Now49heyyjZ6lQka0pimdnUTVPa3zERH945QI5EkmHaT03BWQvnswXGGQYo/+s2p
lQaL+Y6QLHARxw3tiKnE5dztbduyd8MPRP0Bavg8L9V3UrRXLDnVC9//pTD+YB5X
HrDdI+pyolkl8ZNEqXYJQdqii6wRd3AHB6TJjxtzKnoBn3KoMKSr7/TOB1II1VRI
Z59ZzaPnugIo1p+zE96Wx/F0bPu+1BqoL6uXz6xHlL1im756YAsmoXesWdvFbnPV
RW9Old9a2iN5HEkfxpQLyzWP/IdN+Bp4yENmZZsHpSXbIV2tJzi6IlX0T7ycxLiw
IK9GGGmq9z+25eqebVhvhTA3FK26I7IEiwlhqSEIbN3/FJ0EaSkiikpPz8ulkwNC
JEADe61t5RqcxYeq1TDdBGbamEle6HYIR7MtSUAkyi0DrP6/Lt8nSf4FIKpttQB3
XzxYCq/8chKjnOo2NX2h
=k/wK
-----END PGP SIGNATURE-----

--- End Message ---