Your message dated Thu, 25 Jul 2013 13:48:09 +0000 with message-id <e1v2ltp-0001mu...@franck.debian.org> and subject line Bug#714362: fixed in php-radius 1.2.5-2.4 has caused the Debian Bug report #714362, regarding php-radius: CVE-2013-2220: security issue in radius_get_vendor_attr() to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 714362: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=714362 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: php-radius Severity: serious Tags: security patch Hi, A new upstream release of php-radius is available which fixes a security issue. http://pecl.php.net/package-info.php?package=radius&version=1.2.7 The relevant patch is https://github.com/LawnGnome/php-radius/commit/13c149b051f82b709e8d7cc32111e84b49d57234 A CVE id has been requested and will follow. Can you please fix this issue for unstable, and see if you can prepare updates for (old)stable? thanks, Thijs -- System Information: Debian Release: 7.1 APT prefers stable APT policy: (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=nl_NL.UTF-8, LC_CTYPE=nl_NL.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash
--- End Message ---
--- Begin Message ---Source: php-radius Source-Version: 1.2.5-2.4 We believe that the bug you reported is fixed in the latest version of php-radius, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 714...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Thijs Kinkhorst <th...@debian.org> (supplier of updated php-radius package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Thu, 25 Jul 2013 14:28:53 +0200 Source: php-radius Binary: php5-radius php-radius-legacy Architecture: source all amd64 Version: 1.2.5-2.4 Distribution: unstable Urgency: high Maintainer: Roberto Lumbreras <ro...@debian.org> Changed-By: Thijs Kinkhorst <th...@debian.org> Description: php-radius-legacy - Radius protocol implementation in PHP php5-radius - PECL radius module for PHP 5 Closes: 714362 Changes: php-radius (1.2.5-2.4) unstable; urgency=high . * Non-maintainer upload. * Fix security issue in radius_get_vendor_attr() (CVE-2013-2220, closes: #714362) Checksums-Sha1: 3f3fa41bc996d0e888c4abc408dc2352e2dcf1d2 1409 php-radius_1.2.5-2.4.dsc adbf99a63f246a8e748f26512af20b01884bc3ee 11394 php-radius_1.2.5-2.4.diff.gz 9dee4876025c6028a6fd527fbed014d8a49c716f 8726 php-radius-legacy_1.2.5-2.4_all.deb 17c88d04b64966a9a77f330672ec9814f75a4b8e 33162 php5-radius_1.2.5-2.4_amd64.deb Checksums-Sha256: 51161451c233e6c40b715b0156bee749786414507e9715d95a1c195886307347 1409 php-radius_1.2.5-2.4.dsc 0a6e75097ed281ae42d6ff07283bbe5584d758f51d01c9c1ddd3e2fc7799285b 11394 php-radius_1.2.5-2.4.diff.gz dcdc50a992c30d3ccf91246904d56aaea3c941bc2c7388012acd832d30cef8df 8726 php-radius-legacy_1.2.5-2.4_all.deb 1b205b69da132a115d5843b0ddbb43ed2e21a5b1ca5c685998079440564924a1 33162 php5-radius_1.2.5-2.4_amd64.deb Files: d142244c2c97a11aea324b612f79ffb0 1409 web optional php-radius_1.2.5-2.4.dsc ad6dfa3e53c667affaea49e4624437cf 11394 web optional php-radius_1.2.5-2.4.diff.gz 1745856a9a5b687eea99d30aec293310 8726 web optional php-radius-legacy_1.2.5-2.4_all.deb c9b11dfc2e7f067bea68fd8bcf0d7440 33162 web optional php5-radius_1.2.5-2.4_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEcBAEBAgAGBQJR8St4AAoJEFb2GnlAHawEjFQH/3uxIc/MspvXzXpudU1ACpqI CHdSr9A61+LHEMBA7sViRcRR1az+SI1EHqrP+EgY+OczOMF18iDXH3HCoo2b2mQf woQ7FmW/eUdmFrugShpx8QA6YX2kKJxX5pLW0B++GiSdV9rpmDDvL0xTi91Ooajd 9FlFNKVuuGbeVUEAR2Hp5Z75BI0n6qlNBG+Ga4Et3REOA8ejNuybKHQksgDAh3ue 19AFPdRCIv6OdrlDanRgBcyBzNDK5hEQ0Q7yIdB5zEONBS1tDvUeFUph7BQNb6JP dcXm2tRjUXYw4oHJALoV1OmLUMLfdUvytej4GUf+e8WHyvAT8D7CVJ5STqP3xEA= =pdah -----END PGP SIGNATURE-----
--- End Message ---
