Your message dated Sun, 22 Mar 2015 18:33:44 +0000 with message-id <e1yzkgy-0000bc...@franck.debian.org> and subject line Bug#779547: fixed in dokuwiki 0.0.20140505.a+dfsg-4 has caused the Debian Bug report #779547, regarding dokuwiki: CVE-2015-2172: DokuWiki privilege escalation in RPC API to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 779547: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779547 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: dokuwiki Version: 0.0.20140929.a-1 Severity: grave Tags: security upstream fixed-upstream Hi, the following vulnerability was published for dokuwiki. CVE-2015-2172[0]: DokuWiki privilege escalation in RPC API If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2015-2172 Please adjust the affected versions in the BTS as needed. Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: dokuwiki Source-Version: 0.0.20140505.a+dfsg-4 We believe that the bug you reported is fixed in the latest version of dokuwiki, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 779...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Tanguy Ortolo <tanguy+deb...@ortolo.eu> (supplier of updated dokuwiki package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 22 Mar 2015 17:40:22 +0100 Source: dokuwiki Binary: dokuwiki Architecture: source all Version: 0.0.20140505.a+dfsg-4 Distribution: testing-proposed-updates Urgency: high Maintainer: Tanguy Ortolo <tanguy+deb...@ortolo.eu> Changed-By: Tanguy Ortolo <tanguy+deb...@ortolo.eu> Description: dokuwiki - standards compliant simple to use wiki Closes: 779547 Changes: dokuwiki (0.0.20140505.a+dfsg-4) testing-proposed-updates; urgency=high . * debian/patches: security fix, from upstream hotfix release + cve-2015-2172_check_permissions_in_rpc.patch: check permissions in the ACL plugin's RPC API to avoid a privilege escalation. (CVE-2015-2172) (Closes: #779547) Checksums-Sha1: e556cb772749c7aa6c5659a24132d7d35f2a1904 2035 dokuwiki_0.0.20140505.a+dfsg-4.dsc bd5e8cc3f5ee87955aa4d7cae30f02403c1210a4 95096 dokuwiki_0.0.20140505.a+dfsg-4.debian.tar.xz d092ad31fd72324d02ec46df01a85b15c62263b6 1653376 dokuwiki_0.0.20140505.a+dfsg-4_all.deb Checksums-Sha256: c72cd1677af3a334c7b45f089ed746982953071d7f689dde3b74abc274b86737 2035 dokuwiki_0.0.20140505.a+dfsg-4.dsc 6804f8152ff1938dfde02e7738d7aa7e1fb1cef570762d49b11d476d013e3036 95096 dokuwiki_0.0.20140505.a+dfsg-4.debian.tar.xz c6348f9149455f18c79bb87f7daf1c60c1b804e429785a478bcbd57d13bd5a1e 1653376 dokuwiki_0.0.20140505.a+dfsg-4_all.deb Files: b9fab8b8f6ae70794a8a9c844b68aa46 2035 web optional dokuwiki_0.0.20140505.a+dfsg-4.dsc 8307c86a3d0f38ac852d78b54b9514ad 95096 web optional dokuwiki_0.0.20140505.a+dfsg-4.debian.tar.xz 2eae6aa486cd3a29f21ff297cd7ea5e3 1653376 web optional dokuwiki_0.0.20140505.a+dfsg-4_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCgAGBQJVDwEaAAoJEOryzVHFAGgZ3/8P/2OEcEorBRnUBc2nGabM+Dw0 xoJ+XaicUBrAiGzWDChEvssLyy79EJbmjXZ+qv6PdlfLujc3sjbMs40muM8TTulx KFluzOu7lSnQCICzeRAC4kyxTfeBimCvgfcSNs7OuwZCOepGP9mEXxjCoDId65V7 4J72jSEByAU8G6O74dmJTjCxYCAm3rXiUqKl67Uck6mpswmpj//7iLX/4dGIPkVK LDD4lIFb2ecDKUOQkZPSnVSYBQM9S6wetoAXCuvHQqV3NJr4uZ2kpEr/rfQH+FFE SizGem2eOQS0C059UwqSQOnYAguTs/nKzKp42WDoUUT7QvGusH78t5ZULf7vXjzp 5cJA3RXqyHqJKW/23W4OkM3g8TXlALCfcApn/C4cB/uVERym9FY0KV0Z3COXlBbA 6KD1RYU7dzfh270clQW/L1djCRAv0gRk3JysfQOM6n1mGaLYKN8HN2zsLqBiDjtb qzxOj+b49PAIVnyU+sUR0KYr/cTda06lIrAX4ScXDVHRxGuj13+7xa4R22FNjQ3i iBLjV7RQs0o/xcgZtpx7VVrEBG+4K2Of2dswTMUG/kJYqM55FHaMNe20mGWieQCh PfvXk6oKE26eRGzybSCXbIjlv9U2w3wSIGla8uA64+2gczMWqES1JzRoNKOV1oKv D5rOTQ3XZirZd3suvGhp =KF2P -----END PGP SIGNATURE-----
--- End Message ---
