Bug#684456: marked as done (qpid-cpp: CVE-2012-3467)

Sat, 06 Oct 2012 12:36:16 -0700 

Your message dated Sat, 06 Oct 2012 19:32:41 +0000
with message-id <e1tka77-00009e...@franck.debian.org>
and subject line Bug#684456: fixed in qpid-cpp 0.16-6+deb7u1
has caused the Debian Bug report #684456,
regarding qpid-cpp: CVE-2012-3467
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
684456: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684456
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Package: qpid-cpp
Severity: grave
Tags: security
Justification: user security hole

Please see http://www.openwall.com/lists/oss-security/2012/08/09/6

Since we're in freeze, please fix this with an isolated patch.

Cheers,
        Moritz

--- End Message ---
--- Begin Message --- 
Source: qpid-cpp
Source-Version: 0.16-6+deb7u1

We believe that the bug you reported is fixed in the latest version of
qpid-cpp, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 684...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Cajus Pollmeier <ca...@debian.org> (supplier of updated qpid-cpp package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 10 Aug 2012 20:39:06 +0200
Source: qpid-cpp
Binary: qpidd qpid-client libqmf1 libqmf-dev libqmf2-1 libqmf2-dev 
libqmfconsole2 libqmfconsole2-dev libqpidmessaging2 libqpidmessaging2-dev 
libsslcommon2 libsslcommon2-dev librdmawrap2 librdmawrap2-dev libqpidtypes1 
libqpidtypes1-dev libqpidcommon2 libqpidcommon2-dev libqpidclient2 
libqpidclient2-dev libqpidbroker2 libqpidbroker2-dev libqmfengine1 
libqmfengine1-dev python-cqpid python-qmf2 python-cqmf2 python-qmf qmfgen 
qpid-doc ruby-qpid libqpid-ruby1.8 libqpid-perl
Architecture: source amd64 all
Version: 0.16-6+deb7u1
Distribution: testing-proposed-updates
Urgency: low
Maintainer: Cajus Pollmeier <ca...@debian.org>
Changed-By: Cajus Pollmeier <ca...@debian.org>
Description: 
 libqmf-dev - enterprise messaging system - QMF development files
 libqmf1    - enterprise messaging system - QMF libraries
 libqmf2-1  - enterprise messaging system - QMF2 libraries
 libqmf2-dev - enterprise messaging system - QMF2 development files
 libqmfconsole2 - enterprise messaging system - QMF console library
 libqmfconsole2-dev - enterprise messaging system - QMF console development 
files
 libqmfengine1 - enterprise messaging system - QMF engine libraries
 libqmfengine1-dev - enterprise messaging system - QMF engine development files
 libqpid-perl - enterprise messaging system - Perl bindings
 libqpid-ruby1.8 - Transitional package for ruby-qpid
 libqpidbroker2 - enterprise messaging system - broker libraries
 libqpidbroker2-dev - enterprise messaging system - broker development files
 libqpidclient2 - enterprise messaging system - client libraries
 libqpidclient2-dev - enterprise messaging system - client development files
 libqpidcommon2 - enterprise messaging system - common libraries
 libqpidcommon2-dev - enterprise messaging system - common development files
 libqpidmessaging2 - enterprise messaging system - AMQP messaging libraries
 libqpidmessaging2-dev - enterprise messaging system - AMQP messaging 
development files
 libqpidtypes1 - enterprise messaging system - API libraries
 libqpidtypes1-dev - enterprise messaging system - API development files
 librdmawrap2 - enterprise messaging system - RDMA libraries
 librdmawrap2-dev - enterprise messaging system - RDMA development files
 libsslcommon2 - enterprise messaging system - common SSL libraries
 libsslcommon2-dev - enterprise messaging system - common SSL development files
 python-cqmf2 - enterprise messaging system - Python CQMF2 bindings
 python-cqpid - enterprise messaging system - Python CQPID bindings
 python-qmf - enterprise messaging system - Python QMF module
 python-qmf2 - enterprise messaging system - Python QMF2 bindings
 qmfgen     - enterprise messaging system - Python QMF interface generator
 qpid-client - enterprise messaging system - AMQP client
 qpid-doc   - enterprise messaging system - documentation and examples
 qpidd      - enterprise messaging system - AMQP broker
 ruby-qpid  - enterprise messaging system - Ruby bindings
Closes: 684456
Changes: 
 qpid-cpp (0.16-6+deb7u1) testing-proposed-updates; urgency=low
 .
   * Fixes security issue CVE-2012-3467 which may allow bypassing the
     broker authentication mechanism. Closes: #684456.
Checksums-Sha1: 
 21866cdf8ad9cd043667c4694311f1564acb865b 3317 qpid-cpp_0.16-6+deb7u1.dsc
 523324028a3c37e021a7475b218edd7ff8ba0c38 319846 
qpid-cpp_0.16-6+deb7u1.debian.tar.gz
 3787265714e42167365c45ff9c0b88422d1233d7 803796 qpidd_0.16-6+deb7u1_amd64.deb
 4f1b93b993038c08ecc7befe2f78f52d2e72be53 105838 
qpid-client_0.16-6+deb7u1_amd64.deb
 a9b91bdeb84cff02d63d39a33fb731cfd27e231c 72074 libqmf1_0.16-6+deb7u1_amd64.deb
 b86ba332ec5e66ebec06b8279be010ea9552e1fc 6908 
libqmf-dev_0.16-6+deb7u1_amd64.deb
 fe0df6a37a49ea436c4ab2c0ab0bad2561fb0543 191346 
libqmf2-1_0.16-6+deb7u1_amd64.deb
 3b8019ce4a7d966241302e0a1b2c72f90a4f31b8 36806 
libqmf2-dev_0.16-6+deb7u1_amd64.deb
 8f2e659f0ae344c209ef2e8969e10d09403ae48d 92662 
libqmfconsole2_0.16-6+deb7u1_amd64.deb
 44177d6c24242cbbd2df713d42e7bf03e0aecf4a 11602 
libqmfconsole2-dev_0.16-6+deb7u1_amd64.deb
 d76db22e6792303cdf5e9f4a7afad26cf300fa04 210850 
libqpidmessaging2_0.16-6+deb7u1_amd64.deb
 8c81b2d03401090d39ef6e6de163845eb6f9b9c7 13584 
libqpidmessaging2-dev_0.16-6+deb7u1_amd64.deb
 2aa3dc9209b557de938effd53f17df3238248715 80388 
libsslcommon2_0.16-6+deb7u1_amd64.deb
 c14054e59943e117cd722f6c567c54682f05f900 3558 
libsslcommon2-dev_0.16-6+deb7u1_amd64.deb
 d524db46d0c2d3f4cb8c0934052f7519cc2a1508 56980 
librdmawrap2_0.16-6+deb7u1_amd64.deb
 859bef4e5c94c6549b791d17f01cd76ab081c91b 3568 
librdmawrap2-dev_0.16-6+deb7u1_amd64.deb
 9391db0045377abfb6d95189f06780b63e682b6d 46808 
libqpidtypes1_0.16-6+deb7u1_amd64.deb
 711e4d72b7d44f8a37d335b79c766227ed7e2950 6172 
libqpidtypes1-dev_0.16-6+deb7u1_amd64.deb
 fd75a50c9bc3f3524a0cf5a3377eb4a856feb57a 806774 
libqpidcommon2_0.16-6+deb7u1_amd64.deb
 5ce84cd8adeae1eae2cd68bfe526f9a732b2964e 174078 
libqpidcommon2-dev_0.16-6+deb7u1_amd64.deb
 7dc9990359fcc2610a6055cb606a1da4b2cda187 280700 
libqpidclient2_0.16-6+deb7u1_amd64.deb
 1c7c1ffb5ead0795519a5d081c850b6835123869 38218 
libqpidclient2-dev_0.16-6+deb7u1_amd64.deb
 d30171bf29f9eafc85ed76463f32d79ce290c4b6 1177362 
libqpidbroker2_0.16-6+deb7u1_amd64.deb
 ede5868fd19dcbab745c7291ce4ce3e0f73207fd 67822 
libqpidbroker2-dev_0.16-6+deb7u1_amd64.deb
 d6ae317dd9baea7944bc9bc0a3c9ee59a788e024 193724 
libqmfengine1_0.16-6+deb7u1_amd64.deb
 63e137daea9870a2ea8caa82c0ec3197d6212c85 13402 
libqmfengine1-dev_0.16-6+deb7u1_amd64.deb
 4cd924aedbaa6cbf501f073ec909f027021bcc0b 99990 
python-cqpid_0.16-6+deb7u1_amd64.deb
 6041f540105fcc6ab23b3232b53064a4311c7df1 10052 
python-qmf2_0.16-6+deb7u1_amd64.deb
 6d144a7ffde1be538407c1f12872c21a57fa0a36 110082 
python-cqmf2_0.16-6+deb7u1_amd64.deb
 017260e3eca36562cc3cccffba6fa89cdcc34d76 94500 
python-qmf_0.16-6+deb7u1_amd64.deb
 3356aafe03a94176ccf7382a086a8e261bf538ac 25678 qmfgen_0.16-6+deb7u1_amd64.deb
 f87270d3eb4991ec4e7150fdbe19c0f1cbbad812 43100 qpid-doc_0.16-6+deb7u1_all.deb
 5b51ba7f2092de9a400c49def887521b1c9bf6e2 222530 
ruby-qpid_0.16-6+deb7u1_amd64.deb
 6d45c369302ce12022ab4e24d2b4fea841e5099d 3318 
libqpid-ruby1.8_0.16-6+deb7u1_amd64.deb
 f20ed65ea42ba67c1c83dd364cebe191c4828b71 83282 
libqpid-perl_0.16-6+deb7u1_amd64.deb
Checksums-Sha256: 
 04e72089f3b5c742c1b977333dad3d1f2bc1ae97cffd73a3a5c2288f03de1d4e 3317 
qpid-cpp_0.16-6+deb7u1.dsc
 125d96de32f5972789a83fd4ad04320ff61b5b80e09ba684a1113d2267fa0c22 319846 
qpid-cpp_0.16-6+deb7u1.debian.tar.gz
 db62c70ea7d151427465c952df81a6fe7da640cb0d8dfd136eeadeed72037d7d 803796 
qpidd_0.16-6+deb7u1_amd64.deb
 9876137805c1f0653c6ee238d9ed3e2daa64ad1ad89e67cbdcf7d655f223f924 105838 
qpid-client_0.16-6+deb7u1_amd64.deb
 8fc3174d44501397b776eecc9e8a4b20b7009e0ec282205021047ffb881cd140 72074 
libqmf1_0.16-6+deb7u1_amd64.deb
 f769a71a3fda51b289a0ecf40db7ffb8f16e15b8b352ca104ab1e4406815d576 6908 
libqmf-dev_0.16-6+deb7u1_amd64.deb
 17ff38a43618fcfbeadc89859920125c8c19312366629d2a2fa2420723dfa10b 191346 
libqmf2-1_0.16-6+deb7u1_amd64.deb
 789b100990a29d48d92d0d5b51b75cc68cdcc3ad67683f4c0bead82b791c15de 36806 
libqmf2-dev_0.16-6+deb7u1_amd64.deb
 e93e331aa2c1b2eed27c308dba8d932596689fbae1f1d51dcf57ca1720467e3e 92662 
libqmfconsole2_0.16-6+deb7u1_amd64.deb
 1f791b9dbe74842a2dc71d949594fc6c242cd975c01f4e763725d049198949bd 11602 
libqmfconsole2-dev_0.16-6+deb7u1_amd64.deb
 db8ae4dcda7d7cfdbc1ef20ffb538bb30725d1e59f55ed2d07cc907541c0672a 210850 
libqpidmessaging2_0.16-6+deb7u1_amd64.deb
 f42522f9791abee8e8f7fb04b24da359dabfbb1a3feec00199fb3a89093f182f 13584 
libqpidmessaging2-dev_0.16-6+deb7u1_amd64.deb
 b9d9aff66a00cb7c1b55dba900516d3e864d1b5c2d38c756b4b113c66f05f178 80388 
libsslcommon2_0.16-6+deb7u1_amd64.deb
 d5c45ddafe9e474d0d50cad50cf508edcd9b975825f03b2983e4fc02636ee6e1 3558 
libsslcommon2-dev_0.16-6+deb7u1_amd64.deb
 1e3911db1cd8eccd86667c4909edd81d841a0004068a3e20f50faa0d6b80d6c2 56980 
librdmawrap2_0.16-6+deb7u1_amd64.deb
 f351df67da42c9e48ab3cf121b4bbcf54cc4bbc8f70fdf29f18cb8d7c40c24c8 3568 
librdmawrap2-dev_0.16-6+deb7u1_amd64.deb
 54996103615b4f83c9e97a8983777ee658a6e00c10f97ea839e288b6f12f8765 46808 
libqpidtypes1_0.16-6+deb7u1_amd64.deb
 ab0c5a3e8acb80f36d4a99f6056219e4e647c975c7874f8146d17125e0e205d6 6172 
libqpidtypes1-dev_0.16-6+deb7u1_amd64.deb
 b84fccc76778adbdf9dabd2ec0707dc66f8347c6dc8d2b6fc342942bac4d9ece 806774 
libqpidcommon2_0.16-6+deb7u1_amd64.deb
 8f0fe5ec678ab3968dd4c6d450a9099589439bca8ad9a452bf8f8d92754fd3ff 174078 
libqpidcommon2-dev_0.16-6+deb7u1_amd64.deb
 3c06f886c57f2ff7af7876858fc92f42e9c60d4d137047913d10cbceda6f4826 280700 
libqpidclient2_0.16-6+deb7u1_amd64.deb
 0d70d558f66876b96f664f97e32f361acf68e372220588d16a30536beb29db08 38218 
libqpidclient2-dev_0.16-6+deb7u1_amd64.deb
 2fa2307c3ac58c90930b77a09865e795868b7b13908aed5c619bd920a80fd7b9 1177362 
libqpidbroker2_0.16-6+deb7u1_amd64.deb
 4329f9f08e4b87a9fa726eae1c5fe266e5d48634eaa10d5d673706936822f976 67822 
libqpidbroker2-dev_0.16-6+deb7u1_amd64.deb
 b0a2d3572c0577089790dfbc0137543772fb8cdb7681065faf1dc1b6a511e283 193724 
libqmfengine1_0.16-6+deb7u1_amd64.deb
 3c4b9ed52cbdb08c2754533ad9824e7d515e7dec0d4be6fe34fbbdd02d8d75fe 13402 
libqmfengine1-dev_0.16-6+deb7u1_amd64.deb
 25dc3137e347f4e79475f7b50957fa54239f3a29b483b522777782ab0854c18c 99990 
python-cqpid_0.16-6+deb7u1_amd64.deb
 491d962c066b53fb77168951f3d74bddeb89acfbe124f9e74ed43bb203d57e0f 10052 
python-qmf2_0.16-6+deb7u1_amd64.deb
 1443ad22d12d33fede0c0958ec404c028c716fda29fe6e5f0ee5f02e3732f582 110082 
python-cqmf2_0.16-6+deb7u1_amd64.deb
 266dd565eef0700234ae4418f4df0136f08b9a848a654f52e0cf1e53eecdc68a 94500 
python-qmf_0.16-6+deb7u1_amd64.deb
 d3188c29597f0197220500bc41a7319c252ad55fa13edec1a7ffaa5f35a7b5de 25678 
qmfgen_0.16-6+deb7u1_amd64.deb
 5eb1d3d88e83f6af7bce0ae70f1c55166e0c2cefdc1c4a7db6a93f66b411e9f3 43100 
qpid-doc_0.16-6+deb7u1_all.deb
 56ab2e9e29fcf3e47cd68b1434e801f871bf986c26ee3b500beef6e355531f3a 222530 
ruby-qpid_0.16-6+deb7u1_amd64.deb
 2c8e6cda4317a38a2ff98b1f85d8f86e15081067965623d5441075bf46431757 3318 
libqpid-ruby1.8_0.16-6+deb7u1_amd64.deb
 5ecc40b7d9649413768a7b19a712661e9cf7407de8a9fa787d467bf197a684ba 83282 
libqpid-perl_0.16-6+deb7u1_amd64.deb
Files: 
 33b6f969ac02ee787b55515b2338778d 3317 misc extra qpid-cpp_0.16-6+deb7u1.dsc
 513d6f985e30f9d130d715c6e5f7a13f 319846 misc extra 
qpid-cpp_0.16-6+deb7u1.debian.tar.gz
 9e622f49bc3e850dfbd61a597eb59338 803796 misc extra 
qpidd_0.16-6+deb7u1_amd64.deb
 ec9f06451084301f32f32e4a32850e54 105838 misc extra 
qpid-client_0.16-6+deb7u1_amd64.deb
 8cfb6a4d91e1fa10496287ff2c6aafd3 72074 misc extra 
libqmf1_0.16-6+deb7u1_amd64.deb
 e05142986dce482f15faa2087754b175 6908 libdevel extra 
libqmf-dev_0.16-6+deb7u1_amd64.deb
 7aa562c106cb66aeaca7bbda0f4f4d54 191346 misc extra 
libqmf2-1_0.16-6+deb7u1_amd64.deb
 70e1c9c0506d5baa81a3a9154f2b2ac6 36806 libdevel extra 
libqmf2-dev_0.16-6+deb7u1_amd64.deb
 432e98f73f43198cde7c0ed2f4a688aa 92662 misc extra 
libqmfconsole2_0.16-6+deb7u1_amd64.deb
 882176031f5648d8475a449c64d7f38d 11602 libdevel extra 
libqmfconsole2-dev_0.16-6+deb7u1_amd64.deb
 a2f35fc5885f4b664e79165998b99519 210850 misc extra 
libqpidmessaging2_0.16-6+deb7u1_amd64.deb
 9f8075a802c40b3da114ef3ef6ab54cf 13584 libdevel extra 
libqpidmessaging2-dev_0.16-6+deb7u1_amd64.deb
 e3bffb2d4509c7184dd71867ee2dc636 80388 misc extra 
libsslcommon2_0.16-6+deb7u1_amd64.deb
 a764db5656fda850a65fc5ea5f7f8cbb 3558 libdevel extra 
libsslcommon2-dev_0.16-6+deb7u1_amd64.deb
 c8e8e8fde358c59fc21c8e4d8e705556 56980 misc extra 
librdmawrap2_0.16-6+deb7u1_amd64.deb
 cf6b79f2d0e4a05230a6025512128e2c 3568 libdevel extra 
librdmawrap2-dev_0.16-6+deb7u1_amd64.deb
 4ddd105bddfba222f075621165155b28 46808 misc extra 
libqpidtypes1_0.16-6+deb7u1_amd64.deb
 21d8399af1f1ec93dc64bf98449b4ef7 6172 libdevel extra 
libqpidtypes1-dev_0.16-6+deb7u1_amd64.deb
 77d29e92550aadf445e53a05230263cc 806774 misc extra 
libqpidcommon2_0.16-6+deb7u1_amd64.deb
 c9d1f661c1bb68a98ab0e9846741e873 174078 libdevel extra 
libqpidcommon2-dev_0.16-6+deb7u1_amd64.deb
 dc674bc0822f47249763d37ee562d91d 280700 misc extra 
libqpidclient2_0.16-6+deb7u1_amd64.deb
 cb474d33cfbda2a2ad23e819bbaed0c4 38218 libdevel extra 
libqpidclient2-dev_0.16-6+deb7u1_amd64.deb
 32c96baef0579164966f1e06978bf50b 1177362 misc extra 
libqpidbroker2_0.16-6+deb7u1_amd64.deb
 81d4343248da82be1f67a32ca433ea4b 67822 libdevel extra 
libqpidbroker2-dev_0.16-6+deb7u1_amd64.deb
 af969016af04ccc9d574530966f1c2be 193724 misc extra 
libqmfengine1_0.16-6+deb7u1_amd64.deb
 14a50d407b3a6672bb3812866d3e792b 13402 libdevel extra 
libqmfengine1-dev_0.16-6+deb7u1_amd64.deb
 9a7943a5f3ccf38e0d8dca55f408aca8 99990 python extra 
python-cqpid_0.16-6+deb7u1_amd64.deb
 0b5fe27ab5d83d5ea0d1e0a8045153a6 10052 python extra 
python-qmf2_0.16-6+deb7u1_amd64.deb
 e28a6d8d002e55db802cd4efe3babfd4 110082 python extra 
python-cqmf2_0.16-6+deb7u1_amd64.deb
 f74590431807a56d9b88c25161ff6558 94500 python extra 
python-qmf_0.16-6+deb7u1_amd64.deb
 433695b0286c4fef7d36e4abb8d3383d 25678 python extra 
qmfgen_0.16-6+deb7u1_amd64.deb
 7a57d59566efffffbc69dcc2dda102f7 43100 doc extra qpid-doc_0.16-6+deb7u1_all.deb
 dea7c3be247ab31ea499e2f398e01b4c 222530 ruby extra 
ruby-qpid_0.16-6+deb7u1_amd64.deb
 5d937532246fc755fba19c021f207ec9 3318 oldlibs extra 
libqpid-ruby1.8_0.16-6+deb7u1_amd64.deb
 afd3147a0ad382971f909c454b3dc057 83282 perl extra 
libqpid-perl_0.16-6+deb7u1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: GPGTools - http://gpgtools.org

iD8DBQFQcIKutyibJ/7Y+CYRAnHVAKCoub6AUkb761rSMGewmg2VxbjVaQCcCgrh
+SzqHdupvwsU51eHlh0ndGc=
=bKab
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to