Your message dated Sat, 12 Sep 2015 21:17:54 +0000 with message-id <e1zasbg-0006jo...@franck.debian.org> and subject line Bug#750562: fixed in sendmail 8.14.4-4+deb7u1 has caused the Debian Bug report #750562, regarding sendmail: CVE-2014-3956 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 750562: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=750562 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: sendmail Severity: grave Tags: security Justification: user security hole Hi, please see http://www.openwall.com/lists/oss-security/2014/06/03/1 for details. Cheers, Moritz
--- End Message ---
--- Begin Message ---Source: sendmail Source-Version: 8.14.4-4+deb7u1 We believe that the bug you reported is fixed in the latest version of sendmail, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 750...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Andreas Beckmann <a...@debian.org> (supplier of updated sendmail package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Wed, 09 Sep 2015 23:18:29 +0200 Source: sendmail Binary: sendmail-bin rmail sensible-mda libmilter1.0.1 libmilter1.0.1-dbg libmilter-dev sendmail-doc sendmail sendmail-base sendmail-cf Architecture: source all i386 Version: 8.14.4-4+deb7u1 Distribution: wheezy Urgency: medium Maintainer: Debian QA Group <packa...@qa.debian.org> Changed-By: Andreas Beckmann <a...@debian.org> Description: libmilter-dev - Sendmail Mail Filter API (Milter) libmilter1.0.1 - Sendmail Mail Filter API (Milter) libmilter1.0.1-dbg - Sendmail Mail Filter API (Milter) rmail - MTA->UUCP remote mail handler sendmail - powerful, efficient, and scalable Mail Transport Agent sendmail-base - powerful, efficient, and scalable Mail Transport Agent sendmail-bin - powerful, efficient, and scalable Mail Transport Agent sendmail-cf - powerful, efficient, and scalable Mail Transport Agent sendmail-doc - powerful, efficient, and scalable Mail Transport Agent sensible-mda - Mail Delivery Agent wrapper Closes: 597781 692047 709895 714184 717951 720435 724772 737164 747910 750562 Changes: sendmail (8.14.4-4+deb7u1) wheezy; urgency=medium . * QA upload. * Set maintainer to Debian QA Group. (See: #740070) * Merge some bugfixes from sid. * close_on_exec.patch: Properly set the close-on-exec flag for file descriptors before executing mailers, cherry-picked from sendmail 8.14.9. CVE-2014-3956 (Closes: #750562) * libmilter-assert.patch: Fix an incorrect assertion in libmilter, cherry-picked from sendmail 8.14.7. (LP: #1299571) * Add support for OpenSSL options SSL_OP_NO_TLSv1_1 and SSL_OP_NO_TLSv1_2 (backported from 8.14.8), thanks to David F. Skoll. (Closes: #747910) * conf.c-ipv6.patch: Fix A-only MX CNAME interface binding issues when using IPv6, thanks to David F. Skoll. (Closes: #737164) (LP: #1223633) (backported from 8.14.6) * raise-max-daemons.patch: Raise MAXDAEMONS from 10 to 64, thanks to Kees Cook. (Closes: #720435) * Switch from deprecated 'find -perm +xxx' to 'find -perm /xxx'. (Closes: #724772) * Start sendmail after bind9 (or any other named) if it is installed. (Closes: #714184) * sendmailconfig: Add missing quoting, thanks to Stuart Sheldon. (Closes: #692047) * Fix infinite loop in update_db, thanks to Flo. (Closes: #717951) * Do not ship duplicate sendmail.8 manpage. (Closes: #709895, #597781) Checksums-Sha1: 8963b34763170c8a53a052ba12a16b39ec9da765 2562 sendmail_8.14.4-4+deb7u1.dsc bd3820dfa1de99c22447fbaa51af374538348f1b 384460 sendmail_8.14.4-4+deb7u1.diff.gz efb5ba095eb756b4f61f0448d31cb24d7b574fe9 836800 sendmail-doc_8.14.4-4+deb7u1_all.deb 29b8ed246b4f49702512ae8b37869d1508e8d679 215868 sendmail_8.14.4-4+deb7u1_all.deb e2979a39710dbcc37d6a0979b80d090cb080bc1d 364316 sendmail-base_8.14.4-4+deb7u1_all.deb a2e2dc6ab8b862ef8e9342ec6258e39b048d3b31 301142 sendmail-cf_8.14.4-4+deb7u1_all.deb f3ca53865bfcf6d713064d9f950e0466dab1367e 964028 sendmail-bin_8.14.4-4+deb7u1_i386.deb af40d5808361069325c654a8a3b515069adeb9ae 249602 rmail_8.14.4-4+deb7u1_i386.deb 4ba831626e894028bf47bb9905a41b6ad35cf01d 218684 sensible-mda_8.14.4-4+deb7u1_i386.deb 549e3156680dbcb544ece7511f02a7ee5acc9499 241606 libmilter1.0.1_8.14.4-4+deb7u1_i386.deb 687ef6a3bf565cfe7bace8b4de9ff8d842a96ea5 269054 libmilter1.0.1-dbg_8.14.4-4+deb7u1_i386.deb f5c42b87040055c98a0daaa12ae2c3e44979ba6e 332522 libmilter-dev_8.14.4-4+deb7u1_i386.deb Checksums-Sha256: 3ff4e92ab92a07cac2aa9c3f0b7c4fffbdcf9be2e557f8679e1d31cb9dc54f4d 2562 sendmail_8.14.4-4+deb7u1.dsc 0ed484e7907f3968c5d7b056ecf4b2dfac407c041d9d5b58b38745913e946ee6 384460 sendmail_8.14.4-4+deb7u1.diff.gz ff286e55ea7dd33608803b035a1381f81f1a647dd7d59f0bb478e7c94f12329f 836800 sendmail-doc_8.14.4-4+deb7u1_all.deb a145ee7b1d178350c17ba0131711bf0124fe59f764b2f725c956c88497ddadaa 215868 sendmail_8.14.4-4+deb7u1_all.deb aa36c29d3c3fb51fef36bb3b58abdb7800583a87ef9273463a27efec48a7b03b 364316 sendmail-base_8.14.4-4+deb7u1_all.deb 0eca2a2e3d860b117a3766a15d830b13f0ab0d8f1a37cc4e378eb06d18af1e09 301142 sendmail-cf_8.14.4-4+deb7u1_all.deb 86c01411fb4ab18f5fb0a51a4e450d2dec935d10496cf9430b0569a6dc88e807 964028 sendmail-bin_8.14.4-4+deb7u1_i386.deb 77c9b7636114d13f044eae68c3209d97ec23a79dbf054420cb79786763b94c3d 249602 rmail_8.14.4-4+deb7u1_i386.deb 4361d73779c24e46d3900c6684fafc3b547d625fd03386e7244e4e0362e38455 218684 sensible-mda_8.14.4-4+deb7u1_i386.deb 1624aa8c2e4bc4a13e30fbe7e0067139d0577965841359f8f7f72fd2969dead7 241606 libmilter1.0.1_8.14.4-4+deb7u1_i386.deb bf15a36de782a09f8ccbee95046d2b727db1fa0452b7123572bf92f2ff809548 269054 libmilter1.0.1-dbg_8.14.4-4+deb7u1_i386.deb b72a9030aaccd8eb66c86da09e9e3c8e77e024e5f353b3060fc26e641ad2abb2 332522 libmilter-dev_8.14.4-4+deb7u1_i386.deb Files: fa292e496d4a2f7249db378ca4e5bc31 2562 mail extra sendmail_8.14.4-4+deb7u1.dsc c749e2cf8c40a657492593f804b4a015 384460 mail extra sendmail_8.14.4-4+deb7u1.diff.gz 3db18e4a221859a522a5fced14bad044 836800 doc extra sendmail-doc_8.14.4-4+deb7u1_all.deb d8723d0ef8b4445d93d7d7114e71f7ba 215868 mail extra sendmail_8.14.4-4+deb7u1_all.deb 6e52a39d2fff6217fd24ace42385f12c 364316 mail extra sendmail-base_8.14.4-4+deb7u1_all.deb 57b135dee8922193ff8ed5a1b1556877 301142 mail extra sendmail-cf_8.14.4-4+deb7u1_all.deb afbbc8a4b0e5ca65dbf38628c163dfa3 964028 mail extra sendmail-bin_8.14.4-4+deb7u1_i386.deb 8f4e22d0c884ad0d01f2e3cf3f87e3bb 249602 mail extra rmail_8.14.4-4+deb7u1_i386.deb dffeab9bcf8b8b434afa50974b5fb83c 218684 mail extra sensible-mda_8.14.4-4+deb7u1_i386.deb 793fdc80604b2449c441526099cc7047 241606 libs extra libmilter1.0.1_8.14.4-4+deb7u1_i386.deb 375b94df89fd4c760c8611352fdbca55 269054 libs extra libmilter1.0.1-dbg_8.14.4-4+deb7u1_i386.deb 1058f30e4bb9a15f1732ecee1ffa0462 332522 libdevel extra libmilter-dev_8.14.4-4+deb7u1_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJV8KVyAAoJEF+zP5NZ6e0IcsIP/jXKzhaHBFMx8PsZkBwhLL6+ 72IjeXLTl4Oiak2tGSSnFJnaQcigSRG7sqfjQ1K7WrIxNYYXsYC6BVAVTVNdNoUL VKSkKCrvVLWW0MzZQ8T7qN6poafc9Kp2JZGts4l+BR9ks6dwRv/xXljwVEzOzRrH 6rbL9Z+nAWwK+NKqmjkPcRA+4FyfSxdurCRPN+ObGBPpFl3HDmPUs1WhKvE/RtfF 3onNxdOUpbi63AazOgyzHWwDkUCURpE6bJFsqpOb5SxtQf2r/LKovMz8nIk/U7wD L2vG/PhajTrEH3AJajuKsJq7C8eH1IeypogwmcGo0o36YurHLIQ7I4TQJ+01vzgf qUY3CRUVuaIpga5RX2tLrDCzcrrYiJE4XsILiY6ZNSdbUFcmBIpX+hBBXt5vXDcK iuO3iPIizQ+zZsXSSjcKhiSidapaGYwigHFIsKza0xRgNBpFSynKUk8abGiVJ3NQ QqlbPFBWpk0QgphuUolhtSQmAw+csIOoHZcwYOnXzDHHWILDgwN+xfalNFWuL0Yh Z8GzQp8xFmbNmXE7GQpvdXaW2eN7/ni7XJMoo1Fg9G2YH+AQvs0gqbVr4KO3MuNF Ln6qBP57OGpRT66D4dv+zNANB4e130QxXYue5CYjjMleyYwfC6rL/QJNf7/9a5Vj RZesu0Y7EgEKjmiwZDfI =Qhul -----END PGP SIGNATURE-----
--- End Message ---
