Your message dated Tue, 15 Jul 2014 21:40:27 +0000 with message-id <e1x7asz-0005il...@franck.debian.org> and subject line Bug#754655: fixed in polarssl 1.3.7-2.1 has caused the Debian Bug report #754655, regarding polarssl: CVE-2014-4911: Denial of Service against GCM enabled servers and clients to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 754655: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=754655 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: polarssl Version: 1.3.7-2 Severity: critical Tags: security, fixed-upstream Please see for details: https://polarssl.org/tech-updates/security-advisories/polarssl-security-advisory-2014-02 --- Henri Salo
signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---Source: polarssl Source-Version: 1.3.7-2.1 We believe that the bug you reported is fixed in the latest version of polarssl, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 754...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Salvatore Bonaccorso <car...@debian.org> (supplier of updated polarssl package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 15 Jul 2014 21:39:13 +0200 Source: polarssl Binary: libpolarssl-dev libpolarssl-runtime libpolarssl6 Architecture: source amd64 Version: 1.3.7-2.1 Distribution: unstable Urgency: high Maintainer: Roland Stigge <sti...@antcom.de> Changed-By: Salvatore Bonaccorso <car...@debian.org> Description: libpolarssl-dev - lightweight crypto and SSL/TLS library libpolarssl-runtime - lightweight crypto and SSL/TLS library libpolarssl6 - lightweight crypto and SSL/TLS library Closes: 754655 Changes: polarssl (1.3.7-2.1) unstable; urgency=high . * Non-maintainer upload with maintainers approval. * Add CVE-2014-4911.patch patch. CVE-2014-4911: Fix Denial of Service against GCM enabled servers (and clients). (Closes: #754655) Checksums-Sha1: bb6334f6c287d5b51935e7678d5f5465292616b5 1833 polarssl_1.3.7-2.1.dsc 08747cdf22ec7d29c72e70e8f21cb11ee56be6be 5128 polarssl_1.3.7-2.1.debian.tar.xz b5ca7466744676802e9a5fe144ebd6a58edb171b 314198 libpolarssl-dev_1.3.7-2.1_amd64.deb 28ab3c8459601c041283e4949c9b3db05904b01a 639174 libpolarssl-runtime_1.3.7-2.1_amd64.deb 051a1d53a188d8b15ca841cd424cc83c120dd9b0 220768 libpolarssl6_1.3.7-2.1_amd64.deb Checksums-Sha256: ed9c83ca0b51ce819c856879ddb5189aa58ba959c63553823525fe8fc497e3a7 1833 polarssl_1.3.7-2.1.dsc 4fbbb367acdb6dca497ae5d1d23623a4fbfa4ca4924f30d2e8d7cf0ff643a264 5128 polarssl_1.3.7-2.1.debian.tar.xz d57a16921ed28b6fd82b3600f5a6b280f786fd80429a6626c37118399084aaab 314198 libpolarssl-dev_1.3.7-2.1_amd64.deb 8e44b8a0c7c5bfb7ad14b3840039625aee73e192e3c47bb85749ffaa644f5b82 639174 libpolarssl-runtime_1.3.7-2.1_amd64.deb bd1915dcc68b5ebe932df2b098bcbc6b5c11811c67cd512f1112b45000743d15 220768 libpolarssl6_1.3.7-2.1_amd64.deb Files: 8457734e76a0a0cd68f9d157d4dc6954 314198 libdevel optional libpolarssl-dev_1.3.7-2.1_amd64.deb e69b64eb46f280a64a0af294c66101b9 639174 libdevel optional libpolarssl-runtime_1.3.7-2.1_amd64.deb 4e8f6a56781cb1649f6d9d74c39f4903 220768 libs optional libpolarssl6_1.3.7-2.1_amd64.deb 8b132374e20420275e0b447e1891cfdd 1833 libs optional polarssl_1.3.7-2.1.dsc aab8e5c9963c06846ee636c5eaeb6674 5128 libs optional polarssl_1.3.7-2.1.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJTxYYUAAoJEAVMuPMTQ89Ee3AP+QEblaf8YBtYlEOF/cqrCM8T 1X4Z1xhhwXmhnfk6kE1kZic/NiP0MwHIqU6/fkGFf923pZ8Zlc4PferlKgZ/6ZL+ KkG3L5fYqJ3OP/vll/UtvV5Sm77gVBFBHVzj01eOXAI+ylV84IuOdbOn2BVNY+o2 MfFtjFqLq1E0fAPusFb97B75qdfxJWt6A4Jj1h3yDt3eeqq06k4xAsTvwgdWAEww Uo7UiFvjSr4/XyQkLKyaIWYcPPTv4AevsrHe6mc59FY5DWz6FI9L1FB4XftNqOV3 sqOQJRSrhze5qXHsAdXmlzJLYT0jMoynXbAHJea4Ob4ME7StFtLsr+Cof8N6jsBP LtzRsBig6oQX6Kv8epH3vRo8jeeSOz7ILwg+9XP6ffeZnOoq04z1/D8DoS8K9NDW 9DSqm00o/4jMZdtnJGGlNgIXptaQNLCwZZBzdakCD+LoFA+AXFwKUCy/OipKipEE eVMxy8O8tavrD73/7xYb/ET2dH6Ys4dw7b2gCjJs5nr9f+l+eC1kr2/3Lphq7Doi MEmJlIs8uLLmpoe/nS26nSIPnIL8YyNGrGQLKiLltqzLJeJE9RJYWDIvG8f9MyIz 5khz1Dj20tQjtiIMi3yhDBNrCzlZh6WAe2RmMbO4gOJl0IwDj3ysj92vYL7Etjiw oQsvndMkjRSCdrFQQZgf =eH69 -----END PGP SIGNATURE-----
--- End Message ---
