Your message dated Mon, 22 Oct 2012 14:52:33 +0000 with message-id <e1tqjmn-0007rz...@franck.debian.org> and subject line Bug#691146: fixed in modsecurity-apache 2.6.6-5 has caused the Debian Bug report #691146, regarding modsecurity-apache: CVE-2012-4528 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 691146: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=691146 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: modsecurity-apache Severity: grave Tags: security patch Justification: user security hole Please see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4528 Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: modsecurity-apache Source-Version: 2.6.6-5 We believe that the bug you reported is fixed in the latest version of modsecurity-apache, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 691...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Alberto Gonzalez Iniesta <a...@inittab.org> (supplier of updated modsecurity-apache package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Mon, 22 Oct 2012 16:23:19 +0200 Source: modsecurity-apache Binary: libapache2-modsecurity libapache-mod-security Architecture: source i386 all Version: 2.6.6-5 Distribution: unstable Urgency: high Maintainer: Alberto Gonzalez Iniesta <a...@inittab.org> Changed-By: Alberto Gonzalez Iniesta <a...@inittab.org> Description: libapache-mod-security - Dummy transitional package libapache2-modsecurity - Tighten web applications security for Apache Closes: 691146 Changes: modsecurity-apache (2.6.6-5) unstable; urgency=high . * Applied upstream patch to fix multipart/invalid part ruleset bypass. CVE-2012-4528. (Closes: #691146) Checksums-Sha1: df2d1b9a08f15323b1f94f6d5c73c9ad1b711fdd 1349 modsecurity-apache_2.6.6-5.dsc 08c50fd1e6981f3d8e741c8dd3bb72e860bb94f4 9083 modsecurity-apache_2.6.6-5.debian.tar.gz eca8090490c7e63ba26b2e7be85c59f2b592f5b9 303910 libapache2-modsecurity_2.6.6-5_i386.deb a3f48b643c6e9ee7d0816d4c3d4795f4cdc1d5f4 18102 libapache-mod-security_2.6.6-5_all.deb Checksums-Sha256: dda2830f19f321a6e83ef84378bc49166388ab9048d83242c823a492f69b3407 1349 modsecurity-apache_2.6.6-5.dsc c0cf9632ffc065b51e9fbd3d5eb8dd0edd22408765576cf489faf0fe7378a38a 9083 modsecurity-apache_2.6.6-5.debian.tar.gz 4de0522fd94ad92217497a73a3ebc0435bf2eadfa0a691f9398a6b8bf064de91 303910 libapache2-modsecurity_2.6.6-5_i386.deb 8d062686e9a42ede6268e0e1501998e96561ac56bf523c1072e21d6f821a9580 18102 libapache-mod-security_2.6.6-5_all.deb Files: 444b7afdf19b4eeafe0e26148c53f778 1349 httpd optional modsecurity-apache_2.6.6-5.dsc 3cd5aa0ddddb47ce7df846fb574d2b9c 9083 httpd optional modsecurity-apache_2.6.6-5.debian.tar.gz 348469d5fe09f1633b10a363a8045ab2 303910 httpd optional libapache2-modsecurity_2.6.6-5_i386.deb b6275654190c0887be7b8f456b3611c9 18102 oldlibs extra libapache-mod-security_2.6.6-5_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlCFV+oACgkQxRSvjkukAcM8MACgyT/8OvD5L7jVd9ZUoeS1U1xo 9PoAnA/Db1G9l+tCZ9KLhB9wXIWCIMos =6w78 -----END PGP SIGNATURE-----
--- End Message ---
