Your message dated Fri, 13 Jul 2012 00:02:07 +0000
with message-id <e1sptkh-0005fp...@franck.debian.org>
and subject line Bug#678737: fixed in extplorer 2.1.0b6+dfsg.2-1+squeeze1
has caused the Debian Bug report #678737,
regarding [CVE-2012-3362] extplorer CSRF
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
678737: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=678737
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: extplorer
Severity: grave
As per:
http://www.autosectools.com/Advisories/eXtplorer.2.1.RC3_Cross-site.Request.Forgery_174.html
there's a CSRF security issue in eXtplorer.
Patch is on its way, I'm just opening a bug report to track it.
Thomas
--- End Message ---
--- Begin Message ---
Source: extplorer
Source-Version: 2.1.0b6+dfsg.2-1+squeeze1
We believe that the bug you reported is fixed in the latest version of
extplorer, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 678...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Thomas Goirand <z...@debian.org> (supplier of updated extplorer package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Fri, 22 Jun 2012 18:24:34 +0800
Source: extplorer
Binary: extplorer
Architecture: source all
Version: 2.1.0b6+dfsg.2-1+squeeze1
Distribution: stable-security
Urgency: low
Maintainer: Thomas Goirand <z...@debian.org>
Changed-By: Thomas Goirand <z...@debian.org>
Description:
extplorer - a web file explorer and manager using Ext JS
Closes: 678737
Changes:
extplorer (2.1.0b6+dfsg.2-1+squeeze1) stable-security; urgency=low
.
* CVE-2012-3362: fixes a CSRF (Closes: #678737).
Checksums-Sha1:
0fad4cbe6dd668375d1e67817c9ee525c9ad83c8 1252
extplorer_2.1.0b6+dfsg.2-1+squeeze1.dsc
9c05b7034c634fb416d26e83404c6bdf7c0fdc3d 333040
extplorer_2.1.0b6+dfsg.2.orig.tar.gz
1a4cde601eb50c7488893363b8b44954ad79116c 10763
extplorer_2.1.0b6+dfsg.2-1+squeeze1.debian.tar.gz
dc47360f15d7041dbfb9374ba1923155c787f710 346084
extplorer_2.1.0b6+dfsg.2-1+squeeze1_all.deb
Checksums-Sha256:
084e91c13f0d3a7acf58493a43d3b63201b1e63adad4c5ab0d00b078e8168c5d 1252
extplorer_2.1.0b6+dfsg.2-1+squeeze1.dsc
b886c4f99728c3b7a65c5311f16c2d0a27f020eb66639074afd94a0e1fe362c9 333040
extplorer_2.1.0b6+dfsg.2.orig.tar.gz
ed628fb0a89b321dcdfe4858fc42009476e150d7afdc1949701ebaa23fe5cd0a 10763
extplorer_2.1.0b6+dfsg.2-1+squeeze1.debian.tar.gz
b9f3a7d87d1bd6ff492c38e0d7778973f6a3fc95ad4d3154717e3877287f6141 346084
extplorer_2.1.0b6+dfsg.2-1+squeeze1_all.deb
Files:
b897499495d6cc9919efefe22ad5f6e3 1252 web optional
extplorer_2.1.0b6+dfsg.2-1+squeeze1.dsc
6fe5661a344c163a9755d190f93f18e0 333040 web optional
extplorer_2.1.0b6+dfsg.2.orig.tar.gz
3319f2d7ac76823891efd7141c299c31 10763 web optional
extplorer_2.1.0b6+dfsg.2-1+squeeze1.debian.tar.gz
f45d54cbbcb1c23cf88f547b33c7b7d4 346084 web optional
extplorer_2.1.0b6+dfsg.2-1+squeeze1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAk/4zuoACgkQl4M9yZjvmkljRQCgsFfkvfO5/BMycfmE9PrhbZ09
WQAAn1aCi4k8+KNyvuruJRTmQqDctKvS
=CQc6
-----END PGP SIGNATURE-----
--- End Message ---
