Your message dated Mon, 12 Nov 2012 21:32:33 +0000 with message-id <e1ty1cp-0007n5...@franck.debian.org> and subject line Bug#693076: fixed in gatling 0.12cvs20120114-3 has caused the Debian Bug report #693076, regarding gatling: Gatling 0.12 has two direcory traversal vulns that were fixed in 0.13 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 693076: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693076 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: gatling Version: 0.12cvs20120114-2 Severity: grave Tags: upstream security Justification: user security hole gatling 0.12 has two directory traversal vulns (one in the handling of Host headers, one in the ftp code) that have been fixed in Gatling 0.13. -- System Information: Debian Release: wheezy/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages gatling depends on: ii libc6 2.13-35 ii libowfat0 0.28-5 ii libpolarssl0 1.1.4-1 ii libssl1.0.0 1.0.1c-4 ii zlib1g 1:1.2.7.dfsg-13 gatling recommends no packages. gatling suggests no packages. -- no debconf information
--- End Message ---
--- Begin Message ---Source: gatling Source-Version: 0.12cvs20120114-3 We believe that the bug you reported is fixed in the latest version of gatling, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 693...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Roland Stigge <sti...@antcom.de> (supplier of updated gatling package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Mon, 12 Nov 2012 22:11:35 +0100 Source: gatling Binary: gatling Architecture: source amd64 Version: 0.12cvs20120114-3 Distribution: unstable Urgency: low Maintainer: Vedran Furač <vedran.fu...@gmail.com> Changed-By: Roland Stigge <sti...@antcom.de> Description: gatling - high performance web server and file server Closes: 693076 Changes: gatling (0.12cvs20120114-3) unstable; urgency=low . * Adding two patches for path traversal vulnerabilities (FTP, HTTP). Backport fixes from upstream 0.13. Thanks to Jann Horn! (Closes: #693076) Checksums-Sha1: 9a430a6dffabd34d5f4857ec988306e85d4f8b53 1245 gatling_0.12cvs20120114-3.dsc c833486ec83096ab225bf0f1311f71ba598ff059 12055 gatling_0.12cvs20120114-3.debian.tar.gz 337723009edefd5fb78206eb3f6d439118deafec 249042 gatling_0.12cvs20120114-3_amd64.deb Checksums-Sha256: f6808352e3c09b17a9627ca4d699247f4599236192fb5655c26266faf63133af 1245 gatling_0.12cvs20120114-3.dsc e3a9cfa756e2c6573bc098c4feb3325647d3a9ea6917ffa9754f5969f8874417 12055 gatling_0.12cvs20120114-3.debian.tar.gz 091248aab2a23f3f5c1ae743a3f8475ab254567eb79ba0f5725ee810636f5380 249042 gatling_0.12cvs20120114-3_amd64.deb Files: 2ffb9fe4d6764d9e2d6ba3a3a76f95f1 1245 net optional gatling_0.12cvs20120114-3.dsc 2cd14c8b9c0fca0e8edeb520095c877c 12055 net optional gatling_0.12cvs20120114-3.debian.tar.gz e3b57f42742f48ba0e6a03d8e1fe717c 249042 net optional gatling_0.12cvs20120114-3_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iD8DBQFQoWdgcaH/YBv43g8RAq+jAJ9ofzV6iUBmsaIn/JVFPXV+Hhlu6ACgwzeT 31nnZGBrCnEUIJRVVUGalRU= =4o7F -----END PGP SIGNATURE-----
--- End Message ---
