Bug#674165: marked as done (CVE-2012-2760: Information disclosure)

Debian Bug Tracking System Thu, 31 May 2012 15:21:27 -0700

Your message dated Thu, 31 May 2012 22:19:23 +0000
with message-id <e1sadif-0001py...@franck.debian.org>
and subject line Bug#674165: fixed in libapache2-mod-auth-openid 0.7-0.1
has caused the Debian Bug report #674165,
regarding CVE-2012-2760: Information disclosure
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
674165: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=674165
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: libapache2-mod-auth-openid
Severity: grave
Tags: security

Please see http://seclists.org/fulldisclosure/2012/May/238

Cheers,
        Moritz

--- End Message ---

--- Begin Message ---

Source: libapache2-mod-auth-openid
Source-Version: 0.7-0.1

We believe that the bug you reported is fixed in the latest version of
libapache2-mod-auth-openid, which is due to be installed in the Debian FTP 
archive:

libapache2-mod-auth-openid_0.7-0.1.debian.tar.gz
  to 
main/liba/libapache2-mod-auth-openid/libapache2-mod-auth-openid_0.7-0.1.debian.tar.gz
libapache2-mod-auth-openid_0.7-0.1.dsc
  to main/liba/libapache2-mod-auth-openid/libapache2-mod-auth-openid_0.7-0.1.dsc
libapache2-mod-auth-openid_0.7-0.1_amd64.deb
  to 
main/liba/libapache2-mod-auth-openid/libapache2-mod-auth-openid_0.7-0.1_amd64.deb
libapache2-mod-auth-openid_0.7.orig.tar.gz
  to 
main/liba/libapache2-mod-auth-openid/libapache2-mod-auth-openid_0.7.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 674...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Clint Adams <cl...@debian.org> (supplier of updated libapache2-mod-auth-openid 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 31 May 2012 15:27:10 -0400
Source: libapache2-mod-auth-openid
Binary: libapache2-mod-auth-openid
Architecture: source amd64
Version: 0.7-0.1
Distribution: unstable
Urgency: low
Maintainer: NIIBE Yutaka <gni...@fsij.org>
Changed-By: Clint Adams <cl...@debian.org>
Description: 
 libapache2-mod-auth-openid - OpenID authentication module for Apache2
Closes: 603916 619768 634801 644527 674165
Changes: 
 libapache2-mod-auth-openid (0.7-0.1) unstable; urgency=low
 .
   * NMU
   * New upstream version.  closes: #644527.
     - Fixes CVE-2012-2760: Information disclosure; closes: #674165.
     - Fixes breakage on https; closes: #634801.
     - Update DESTDIR patch.
   * Bump to Standards-Version 3.9.3.
   * Fix watch file.
   * Update Homepage.  closes: #603916.
   * Convert README.Debian from EUC-JP to UTF-8.  closes: #619768.
Checksums-Sha1: 
 ef67293a459755ea478ab8202fc08b5e5bc253f2 2036 
libapache2-mod-auth-openid_0.7-0.1.dsc
 2ebf6e446aedefc5c2a4523ab05c359a1dcf6f25 352757 
libapache2-mod-auth-openid_0.7.orig.tar.gz
 4888baa683313012cb5c7dd16e2b3e788821c89e 5644 
libapache2-mod-auth-openid_0.7-0.1.debian.tar.gz
 94b658a6168ce4d6f07426224155eb62f59fc2c5 66204 
libapache2-mod-auth-openid_0.7-0.1_amd64.deb
Checksums-Sha256: 
 bc50b678e8792520a8208d381712127422583d2a0ce448ce63ea9f2dd944b619 2036 
libapache2-mod-auth-openid_0.7-0.1.dsc
 58cb927121d39557a3593b10db8c960440295fb49cddf8120d6a5b521877ed4c 352757 
libapache2-mod-auth-openid_0.7.orig.tar.gz
 97c897eefca38b4d7caa94c09ea6da72d2c614309c6f4e5326dc1aa690326183 5644 
libapache2-mod-auth-openid_0.7-0.1.debian.tar.gz
 c8df13e61f702562a00500cd9e7a3c20e4ce183d8a34b6cb5ac317ad6223e316 66204 
libapache2-mod-auth-openid_0.7-0.1_amd64.deb
Files: 
 06de11b57395725d86138077405a144a 2036 httpd extra 
libapache2-mod-auth-openid_0.7-0.1.dsc
 be61ca96e5247eeecab225de5d612524 352757 httpd extra 
libapache2-mod-auth-openid_0.7.orig.tar.gz
 9f504646c5b37377db0fefde1a332a7c 5644 httpd extra 
libapache2-mod-auth-openid_0.7-0.1.debian.tar.gz
 222b6bacd0ae96bfcbae3c122a9f6099 66204 httpd extra 
libapache2-mod-auth-openid_0.7-0.1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Debian!

iQIcBAEBCgAGBQJPx+2tAAoJEFWSMx4ZnTio75UP/1aqSOix6801PYd5/hV+DEbu
Aw19sHIMc56XdHF2/tfBRk20Ytb6tnHmdsyvzgIVox9d6szq1yiUS/xasjqjBMYg
WISFZvIz3pfaAacq9zFkLtyvDDxTpJv6+7qrU29cek1UD3ZKdZVrW/rFfVhsuwSm
dhGCYYAfV4wkpBeE1NhQycRrX6IeHDbHtrQ3K8sNaZg7LeMQmvt3KpT3SNBy3817
YOrTMgf1YzYE5LMxev3/T+wu2SgH+HpHqxibnSZYLWc4aYGlpNwVtPbfr+hsrIde
Aem8QIJwYmM7Qw7164RIPOrgRGqJqtSdxDgPjvASkfpwQsUXD8YWkRqqM/yiZvV1
aLqMH+FibbnyUcK3tOr2hCWrRwf9ODHmau6F/DqbrBD7ZnF4pidbhuJpGfILi9Q1
SRgElS1SA55wcIpi6DvfpuorfH4lwWqh+TwF1BHKD9VpkybyE8u5hgqspz9Eq/R5
KObVF/BLskICHWOSuNBoI+7pE/TscIgWkVPNSweV+SbCfOgfstaNGA9xCEAVVpkV
IL8ljvODERUIM6dsohjkvaxMi/G6SBY6nlXZX7lnk7tpDXrbgi/yRg3+jMiC+FSI
v4WGk3unDlo8z3qW7BG/35Vj30mr8Z6kWNERShKJOlRACrHPIPAf9/8ADOz4uuRi
h2c2kbmWDSXPhkU7R+VR
=P7OO
-----END PGP SIGNATURE-----

--- End Message ---

Bug#674165: marked as done (CVE-2012-2760: Information disclosure)

Reply via email to