Your message dated Mon, 10 Aug 2015 18:51:38 +0000 with message-id <e1zosac-0008ey...@franck.debian.org> and subject line Bug#792857: fixed in activemq 5.6.0+dfsg-1+deb7u1 has caused the Debian Bug report #792857, regarding CVE-2014-3576 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 792857: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=792857 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: activemq Severity: grave Tags: security https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3576 is scarce on details, but per the fixed upstream release probably affects oldstable and stable. Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: activemq Source-Version: 5.6.0+dfsg-1+deb7u1 We believe that the bug you reported is fixed in the latest version of activemq, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 792...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Emmanuel Bourg <ebo...@apache.org> (supplier of updated activemq package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Fri, 07 Aug 2015 22:16:39 +0200 Source: activemq Binary: libactivemq-java libactivemq-java-doc activemq Architecture: source all Version: 5.6.0+dfsg-1+deb7u1 Distribution: wheezy-security Urgency: high Maintainer: Debian Java Maintainers <pkg-java-maintain...@lists.alioth.debian.org> Changed-By: Emmanuel Bourg <ebo...@apache.org> Description: activemq - Java message broker - server libactivemq-java - Java message broker core libraries libactivemq-java-doc - Java message broker core libraries - documentation Closes: 769887 777196 792857 Changes: activemq (5.6.0+dfsg-1+deb7u1) wheezy-security; urgency=high . * Team upload. * Fixed security issues (Closes: #777196, #792857) - CVE-2014-3612: JAAS LDAPLoginModule allows empty password authentication - CVE-2014-3600: XML External Entity expansion when evaluating XPath expressions - CVE-2014-3576: DoS via unauthenticated remote shutdown command - Disable JMX by default (Closes: #769887) Checksums-Sha1: 3774e5093cc7f227364dabd3d64f102dfed034d4 3353 activemq_5.6.0+dfsg-1+deb7u1.dsc 9dbc1e3b7d01cc54002401c753c9c9502512c6ac 3187408 activemq_5.6.0+dfsg.orig.tar.gz d6dcaf964db30d725948ca104d33d4db963f42b8 22896 activemq_5.6.0+dfsg-1+deb7u1.debian.tar.gz 4f446059f16da15383d6d90b0aebf6b040d957e5 3975514 libactivemq-java_5.6.0+dfsg-1+deb7u1_all.deb 67de6a9bbd13624cac67e82a357be12f4da0bede 9039896 libactivemq-java-doc_5.6.0+dfsg-1+deb7u1_all.deb ef689bb604e73f4bc00f9b83b3937d07a25bc42b 52592 activemq_5.6.0+dfsg-1+deb7u1_all.deb Checksums-Sha256: 6ae1960cc1d8b0c6e2f23aa7049b1e05eb86175f6dcd0847a156eb8c7b06df17 3353 activemq_5.6.0+dfsg-1+deb7u1.dsc f6589dae9e2cff7efe144c5bda99f18c1fc2f220b121a3ac9ef92174cb0899a3 3187408 activemq_5.6.0+dfsg.orig.tar.gz 3882dae19f7fe96bec13a7e379696d495e702ddf21c00b219a44508b7d374a4e 22896 activemq_5.6.0+dfsg-1+deb7u1.debian.tar.gz 678c7ca0c2fa4151f2b6f4899ec5307f94b3f1f1e2eeb77c2fb4f4caece53a85 3975514 libactivemq-java_5.6.0+dfsg-1+deb7u1_all.deb 46336dc90a11caf4c54608dbbf67f29d16a41f8cdd7044362e417c32aa028019 9039896 libactivemq-java-doc_5.6.0+dfsg-1+deb7u1_all.deb c010d707744f0309336cf5b6218eac98a7d11dc931e5325786505d63448b39fd 52592 activemq_5.6.0+dfsg-1+deb7u1_all.deb Files: abc540a4988e1d50602e279b22608f4e 3353 java optional activemq_5.6.0+dfsg-1+deb7u1.dsc 54227cd13c5f73e8ec7e62a0d13d3763 3187408 java optional activemq_5.6.0+dfsg.orig.tar.gz 85cc41a99e7bffec1414627fa93f939c 22896 java optional activemq_5.6.0+dfsg-1+deb7u1.debian.tar.gz 72fa0c44ce67f3ef4780aa1aceca612b 3975514 java optional libactivemq-java_5.6.0+dfsg-1+deb7u1_all.deb fe4cd7ccdc05ecc646cd0b3790f924ff 9039896 doc optional libactivemq-java-doc_5.6.0+dfsg-1+deb7u1_all.deb 269bacd1e23a7f9e3a175bf94e21ca0c 52592 java optional activemq_5.6.0+dfsg-1+deb7u1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBAgAGBQJVxRfuAAoJEPUTxBnkudCsVUgP/3WqDVd7jcfLmSOQaCFeghV0 sWpq3Lsa3vhl9zZZ0xAHAFsNpWjzR4dJl7j6PMt6sKlsVA4w+8WK97QYuout/pjQ KG/meek0deC2EZ5tnlFGRIb9OSXpmoNTzLmFFIjGxBLRjO0iLtpx0iYOVMnOiISx 0fMRXdhNJpR4Bm1Ve8i0c8gVBa8yuUb3WMQ/wAetz83q9DcUr6jO9E5s6AVjsB9g pNQeJZUial+kCkS/PrguuKMcpMQRk5mf29jZL5uPrQ4dncPBKPbQPVyOBzBoS36A zlxAV+/fO2h+Wrz0ATtdjlbpivpBvyN6ngo8rrU+F95DoI4hBnu0uyCUfPlI3Eq2 VeDWrNOHvz6CK6gUoStP0W+1IVmaOoRWPmcijoiK/u0dxqvfGZqZhrxt8rPnnTvx D2ufpDqNPyY8j3cyHIY6yhFX85npIGJS//xXdoq4xCMB8e+s7EWFDajJHrs9sS/A almUxJJuz+v+iL3joyinmKbdM4aiPbDbtfwpi68J1uDiGoELx+eQ+C4qHiraberE YgSSpfz5eCKS9vdNxxPOnFFreypD8EItpEwcvVdJfHzx/cG7I0rd7P+HJ/fH/XPt euhNDg9Be97ecoi3ixseL5c9Ld4jbLdPt1NwvKfA41dgJcIUNTXpFw/63Z0Eq1Zs G0lyo4gddSLfqbhn7R2k =80/D -----END PGP SIGNATURE-----
--- End Message ---
