Your message dated Mon, 31 May 2021 15:18:27 +0000 with message-id <e1lnjgr-0001co...@fasolo.debian.org> and subject line Bug#989095: fixed in nginx 1.18.0-6.1 has caused the Debian Bug report #989095, regarding nginx: CVE-2021-23017: DNS Resolver off-by-one heap write vulnerability to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 989095: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989095 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: nginx Version: 1.18.0-6 Severity: grave Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org> Control: found -1 1.14.2-2+deb10u3 Control: found -1 1.14.2-2 Hi, The following vulnerability was published for nginx. CVE-2021-23017[0]: | DNS Resolver off-by-one heap write vulnerability If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-23017 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23017 [1] https://mailman.nginx.org/pipermail/nginx-announce/2021/000300.html Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: nginx Source-Version: 1.18.0-6.1 Done: Salvatore Bonaccorso <car...@debian.org> We believe that the bug you reported is fixed in the latest version of nginx, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 989...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Salvatore Bonaccorso <car...@debian.org> (supplier of updated nginx package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 29 May 2021 16:21:37 +0200 Source: nginx Architecture: source Version: 1.18.0-6.1 Distribution: unstable Urgency: high Maintainer: Debian Nginx Maintainers <pkg-nginx-maintain...@alioth-lists.debian.net> Changed-By: Salvatore Bonaccorso <car...@debian.org> Closes: 989095 Changes: nginx (1.18.0-6.1) unstable; urgency=high . * Non-maintainer upload. * Resolver: fixed off-by-one write in ngx_resolver_copy() (CVE-2021-23017) (Closes: #989095) Checksums-Sha1: 9475afd4a7479c46f80d27b295582dee855b060b 4913 nginx_1.18.0-6.1.dsc dd6ae7da53e6db7a455255e2cb82d3ad62d6be4c 1039092 nginx_1.18.0-6.1.debian.tar.xz Checksums-Sha256: c3f56a1a81ad02fd96e9b6013c0c849e7ea2d82bd0befac1ceeab03345e32411 4913 nginx_1.18.0-6.1.dsc 26e1ecb3301f2d1c8f8b00113db5525f8daf8c9d252ae1d9d7edc92dd2ace40f 1039092 nginx_1.18.0-6.1.debian.tar.xz Files: f42fb47959a39c914524dacd82808830 4913 httpd optional nginx_1.18.0-6.1.dsc 285e1569cbcb08693a85ce5f9774799d 1039092 httpd optional nginx_1.18.0-6.1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmCyUzhfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EcVkP/RL1D2e706WEwXgvObGSkro5R+saAuhA xpwQEtVd4Q/uv9b3+qjUES2mZaeN3L/XA4gEBSGeaqmNLngm0e1ggI6J1/7hqWpr MHYxQ+f7EwwXaCanz0yi9o3znbECETTPNu8LgRSVRme3s10rJuAJb+wSyChFtNGY AwVl+4G5dWDwKsBCOOC2FvmgW5i6ZzH2US34WKy0IopwoNWwGaP3FvfEjpvIZ+1Q OWcPDBIaREOx7XZrFKEIBfd3M/3imlJt1VYWPDlKqQC7NdXhuvMnQW+7sJNv9gid aQ8/YDwlG8eU+CYpzJKt8cy9U/pcDGFXb+PzlMmvzcDkPZbuhpx/f72QfbSwS3kB g5hvrJyJDET6kpEd0paNFMrppmtXNsNuD89nodHhlhKmRA62H6fqPMQatkgq+S3l Y7rkLjmgAwEke7m6CeQ8aTU3qZuOMLyrZIbtQ99dLMyv7R5P/IBNc9D06/Fzf0Wy GSrfEcEw5Vm9Md5cl0vsVutOZm/Rn+GHiqdeDHD++2B/tyyQOUCLYJDm6XW6taR0 ktMu0AnV2ulN2lKRbD1OD0OUltZrr5QePU2qjgspL7muaglpj0FlgIKsxnOO5DYu vvNIT4hpQYTwkGuCiYpZMmTd5E88Xx7bOJgs6haU/Di8+U6yUYHRh5ml18bkmevZ XBpawsAOc/SB =G9BR -----END PGP SIGNATURE-----
--- End Message ---
