Your message dated Tue, 12 Feb 2013 20:48:51 +0000 with message-id <e1u5mmz-0000zn...@franck.debian.org> and subject line Bug#698910: fixed in zoneminder 1.25.0-4 has caused the Debian Bug report #698910, regarding zoneminder: CVE-2013-0232: arbitrary command execution vulnerability to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 698910: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698910 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: zoneminder Severity: grave Tags: security Justification: user security hole Hi The following arbitrary command execution vulnerability was disclosed for zoneminder: http://itsecuritysolutions.org/2013-01-22-ZoneMinder-Video-Server-arbitrary-command-execution-vulnerability/ Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: zoneminder Source-Version: 1.25.0-4 We believe that the bug you reported is fixed in the latest version of zoneminder, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 698...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Peter Howard <p...@northern-ridge.com.au> (supplier of updated zoneminder package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 12 Jun 2013 12:02:10 +1000 Source: zoneminder Binary: zoneminder Architecture: source i386 Version: 1.25.0-4 Distribution: unstable Urgency: high Maintainer: Peter Howard <p...@northern-ridge.com.au> Changed-By: Peter Howard <p...@northern-ridge.com.au> Description: zoneminder - Linux video camera security and surveillance solution Closes: 698910 Changes: zoneminder (1.25.0-4) unstable; urgency=high . * Add CVE-2013-0232 patch [SECURITY] CVE-2013-0232: Shell escape commands with untrusted content. Thanks to James McCoy <james...@debian.org> (Closes: #698910) Thanks also to Salvatore Bonaccorso <car...@debian.org> Checksums-Sha1: 24d52e754f16893c5e77ea0017da324881541344 2220 zoneminder_1.25.0-4.dsc b4fc7d566a9858b2b99fc8ae634848e4e84e073b 13809 zoneminder_1.25.0-4.debian.tar.gz 6cdf453c884f85a9fe6ddcbbf250884c8afd1748 1906622 zoneminder_1.25.0-4_i386.deb Checksums-Sha256: a30c94dd96c0ac3c1b9127263fa81f6d0e96ef7b048b6cbb0b923532c78cd59b 2220 zoneminder_1.25.0-4.dsc 03a655a9a3af5dbec2612a99041ab16639556c660ecddad526def49ef1b1cc0d 13809 zoneminder_1.25.0-4.debian.tar.gz dbd70731bfe632b5e8fc210f5608c47b32c25bbd90746a838e34387dcda41c25 1906622 zoneminder_1.25.0-4_i386.deb Files: f7c61ec1053b5a8984fbe268c6e48561 2220 net optional zoneminder_1.25.0-4.dsc 8bdab9d4255711d0bd4ceafec9779dd0 13809 net optional zoneminder_1.25.0-4.debian.tar.gz 9bbc8a61a11fc4665e9d917de3518068 1906622 net optional zoneminder_1.25.0-4_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCgAGBQJRGp2rAAoJELeLgtSBS5G2kLgQAIJq88uregRlbv/10WAAAtHj Z9YqZiBXWffvP1ed1J9kD3DojvboQ6ewyDbfyFRS0UqMCbJvy70Qbqqj7U9fZANW hGn60c6XWZyNDxGW8gGQwWez3EcU3s6LrJqIbdFnKNHz1ljCabXU7tXIcWB6k6wn igz8qUdC0ZYGMgOxOyCXZ/qMv+lj+wFy7ee3JwE7dZfzsmh45Je3+rl8RCPyeZkh SZB1DyIAq4HSn1JIkauSBJXHn0Jhzafem71iVJdA0F7SaN1VzQRY5POZ8xtM3V+x CVJIk/n1p/Gg/8OpgWOF9/JgcmL8t1I69b6xPl5k0XtufIVtR9j2zVzK7oOnXMhU xrNxdPGqobOBUM/qnVJ6+tsc6ydp0t8iZOpVESxKW3kIFPFDRldTLz/7+1oBSLpi /A1s8dTdw451KoVH33c32j5lgZwcYWQD0xN1KZYRR8B45vTuIsrpb4c3KjSH0go+ WUdoBHDGa7JVPxky7Y28+wH044ORleqrOy9kucvtBudRF00BdGpl7UUvemmoTGCi vrxDq1Y649btnRK0azEyGBtkatGgmrWfD+ddmxE2/td1ShIPKMuZyBt2FQjSzdvn pQMapYguU0jotvniiw4SBgUP47q3L9aNg6lawjt+yTgD3ieroODDWTfFjzzHiB9h iy0CyGr067FqOOOJkUDG =TrZb -----END PGP SIGNATURE-----
--- End Message ---
