Your message dated Thu, 23 Oct 2014 16:41:23 +0000 with message-id <e1xhlrz-00008a...@franck.debian.org> and subject line Bug#766476: fixed in moonshot-gss-eap 0.9.2-3 has caused the Debian Bug report #766476, regarding ROM: Security Review Required before inclusion in Jessie to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 766476: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=766476 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---package: moonshot-gss-eap version: 0.9.2-1 severity: serious >From the TODO.debian: * Give the security team a change to comment on the included code from wpa_supplicant. There's really no other way; their ABI is not stable enough that it would make sense to build eap shared libraries out of the wpa_supplicant package. The code is relatively stable, and I think this is the best approach but the security team should be given a heads up. * Confirm there are not security fixes we need to pull in from wpa_supplicant. I need to send mail to the security team and I need to review the wpa_supplicant package and security issues in wpa_supplicant before this can be permitted to be in a release. I expect both tasks to be done in a day or so.
--- End Message ---
--- Begin Message ---Source: moonshot-gss-eap Source-Version: 0.9.2-3 We believe that the bug you reported is fixed in the latest version of moonshot-gss-eap, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 766...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Sam Hartman <hartm...@debian.org> (supplier of updated moonshot-gss-eap package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Thu, 23 Oct 2014 12:05:38 -0400 Source: moonshot-gss-eap Binary: moonshot-gss-eap moonshot-gss-eap-dbg Architecture: source amd64 Version: 0.9.2-3 Distribution: unstable Urgency: medium Maintainer: Sam Hartman <hartm...@debian.org> Changed-By: Sam Hartman <hartm...@debian.org> Description: moonshot-gss-eap - Moonshot Federated Authentication - authentication mechanism moonshot-gss-eap-dbg - Moonshot Federated Authentication - debugging Symbols Closes: 766476 Changes: moonshot-gss-eap (0.9.2-3) unstable; urgency=medium . * Review security of libeap/wpa_supplicant and send mail to security team explaining why I believe moonshot-gss-eap is supportable, Closes: #766476 Checksums-Sha1: 0476c8be061880a27dcb10765cca549bc19f69da 1553 moonshot-gss-eap_0.9.2-3.dsc 08908875bc154f7d60a87f6ea75bd6625dc5e2ac 32612 moonshot-gss-eap_0.9.2-3.debian.tar.xz f115632995470b745e04d7780c808c799d702ebc 161108 moonshot-gss-eap_0.9.2-3_amd64.deb 9e34e3163b6646b2df53780268981560b34a39ca 658250 moonshot-gss-eap-dbg_0.9.2-3_amd64.deb Checksums-Sha256: 52e4447b9ccb450bf1513d2b99a6965145b2aff70cac6f8e981da21f730d7762 1553 moonshot-gss-eap_0.9.2-3.dsc f5b76fbf6ef95f8f659ccfc03e33febf7349d3cda83b403d5096fd97b40d4c6c 32612 moonshot-gss-eap_0.9.2-3.debian.tar.xz ee72ff91c979f356bf6078dea4a0383db1b2c053a0a899fc6e53d65ab4a31569 161108 moonshot-gss-eap_0.9.2-3_amd64.deb 1247cb1e2850e220c110768f5c20fd6986945ae24deb2672a1ae5312b1027249 658250 moonshot-gss-eap-dbg_0.9.2-3_amd64.deb Files: 0b624c33d69e0f67636a4e67c6773f6c 1553 net optional moonshot-gss-eap_0.9.2-3.dsc f892bb4e523d92c6f307fa1de4532f92 32612 net optional moonshot-gss-eap_0.9.2-3.debian.tar.xz 9e87b5920ff2a8c7f55d8fd5bc64f5d7 161108 net optional moonshot-gss-eap_0.9.2-3_amd64.deb 7bf3badbb6f400e247f2fd0ebda8caf2 658250 debug extra moonshot-gss-eap-dbg_0.9.2-3_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlRJKKIACgkQ/I12czyGJg9ybQCgunfUL54GnOvYPbb3ndtaQmIC TBUAoIwtJ3r2nR4VD3ZdC+1JAWMAkEvw =vU0i -----END PGP SIGNATURE-----
--- End Message ---
