Your message dated Tue, 09 May 2017 15:03:51 +0000 with message-id <e1d86g3-0008xz...@fasolo.debian.org> and subject line Bug#860125: fixed in 389-ds-base 1.3.5.17-1 has caused the Debian Bug report #860125, regarding 389-ds-base: CVE-2017-2668: Remote crash via crafted LDAP messages to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 860125: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860125 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: 389-ds-base Version: 1.3.5.15-2 Severity: grave Tags: upstream security Hi, the following vulnerability was published for 389-ds-base. CVE-2017-2668[0]: Remote crash via crafted LDAP messages If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2017-2668 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2668 [1] https://bugzilla.redhat.com/show_bug.cgi?id=1436575 Please adjust the affected versions in the BTS as needed. Do you have any more information where it was fixed? Looking at [2] did not help. [2] https://pagure.io/389-ds-base/issues Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: 389-ds-base Source-Version: 1.3.5.17-1 We believe that the bug you reported is fixed in the latest version of 389-ds-base, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 860...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Timo Aaltonen <tjaal...@debian.org> (supplier of updated 389-ds-base package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 09 May 2017 11:06:14 +0300 Source: 389-ds-base Binary: 389-ds 389-ds-base-libs 389-ds-base-dev 389-ds-base Architecture: source Version: 1.3.5.17-1 Distribution: unstable Urgency: medium Maintainer: Debian 389ds Team <pkg-fedora-ds-maintain...@lists.alioth.debian.org> Changed-By: Timo Aaltonen <tjaal...@debian.org> Description: 389-ds - 389 Directory Server suite - metapackage 389-ds-base - 389 Directory Server suite - server 389-ds-base-dev - 389 Directory Server suite - development files 389-ds-base-libs - 389 Directory Server suite - libraries Closes: 860125 Changes: 389-ds-base (1.3.5.17-1) unstable; urgency=medium . * New upstream bugfix release. - CVE-2017-2668 (Closes: #860125) * watch: Updated. Checksums-Sha1: 3ac4e4118a596f850c85e3c866cb5b2aa498cc20 2519 389-ds-base_1.3.5.17-1.dsc 6d354759aca34a2b12e348171e468463b6ef55ca 3587553 389-ds-base_1.3.5.17.orig.tar.bz2 58a35562fbb0d3f30e55e07b666407ccb6fc13a3 23056 389-ds-base_1.3.5.17-1.debian.tar.xz Checksums-Sha256: 81281264ad1a9bacb44e393b50016e0ed7e1e13351de712eeaf22ee339938b09 2519 389-ds-base_1.3.5.17-1.dsc 522420b6decc162ed5d57ca913753b48e4bd7137fa0eb1bbc3e21e45923b1819 3587553 389-ds-base_1.3.5.17.orig.tar.bz2 d1518136abe94b17f269a0d4b2e4d25c162298164b5bc6553447250c0f4d572c 23056 389-ds-base_1.3.5.17-1.debian.tar.xz Files: 7c3091d693b785f6807ccef4d3b97d67 2519 net optional 389-ds-base_1.3.5.17-1.dsc 1e4bedc144c5ea03c908c7d5bce71f81 3587553 net optional 389-ds-base_1.3.5.17.orig.tar.bz2 ef14e2eb6bf54262365c17b562b7b865 23056 net optional 389-ds-base_1.3.5.17-1.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJZEcRzAAoJEMtwMWWoiYTc1eoQAJi5XCuoJvatoJniRDu+fyeE CekJ2RAiNfvz143RGtIhtZnnJNAPbEoaWFmjrwa/iZTu+Ovm6se404iYSEWFWv97 HyjKsG4SrV/r4mL71iJtLhqyW3pgBtPU/6aQkUg4rgnYgNpIHA8ja6qb5HKtkGbR jTucign+VwyEoErknBl9A+WS/rZKAYV8dUw0Vs37gUkncQEpQI0YcqLCnYKpYFil D9+DGIeko6VcxxH/VEbRIrzOHPuuVuilRPG5itSc9bFgLvimoB3cAXAHNW8L61FZ 5yVQ1JI7wuICqMPM+8jGOqp1lH8YVDSKFgAHbYH4/qsoShZ803njzcrm2eQo4Ozg 4m0ir6A8Xrj/ddDwrMdjdHUlHnjcqSBGKrXOObE4qrPlMZl7IfJZQDPy4YRMWVUR H+iY7J3AGmCwLhWTlNw2TgR8tZcibi78EmOHoobINee6wELLt0jtrDT2yIEcFE3x nG/+4Pf5U7QruF1szRj/WIQH7NicacQo5P+UB8rFGDzZBuyoDL0nnV8VK5yVnuG/ ttMVvc6IC4/cLakOverYcN658BoqgQ3JTosuLeIrEc7PAFSP0PRNYdGSdi+BAQZz PtwVz3BuXBjtGNGmGwyJlTWIE0HF8tGu5GsdsNGTs2f8yqIirxysR32S//nom8uR SD5roRVoIvc6TgZgwUnq =5g1D -----END PGP SIGNATURE-----
--- End Message ---
