Bug#854733: marked as done (zoneminder: CVE-2017-5367 CVE-2017-5368 CVE-2017-5595)

Debian Bug Tracking System Tue, 29 Aug 2017 13:57:27 -0700

Your message dated Tue, 29 Aug 2017 21:54:02 +0100
with message-id 
<1504040042.855244.1089049736.6e33a...@webmail.messagingengine.com>
and subject line Re: zoneminder: CVE-2017-5367 CVE-2017-5368 CVE-2017-5595
has caused the Debian Bug report #854733,
regarding zoneminder: CVE-2017-5367 CVE-2017-5368 CVE-2017-5595
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
854733: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854733
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Source: zoneminder
Severity: grave
Tags: security

Please see
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5367
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5368
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5595

Cheers,
        Moritz

--- End Message ---

--- Begin Message ---

forwarded 854733 https://github.com/ZoneMinder/ZoneMinder/pull/1764
thanks

Going through this, it looks like the XSS, CSRF, SQL injection and
session fixation issues were indeed reported, addressed and released
upstream.


Best wishes,

-- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      la...@debian.org / chris-lamb.co.uk
       `-

--- End Message ---

Bug#854733: marked as done (zoneminder: CVE-2017-5367 CVE-2017-5368 CVE-2017-5595)

Reply via email to