Your message dated Thu, 15 Jun 2006 23:13:12 -0400
with message-id <[EMAIL PROTECTED]>
and subject line fixed already
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: jabberd2-ldap-bdb
Version: 2.0s10-1
Severity: grave
Tags: security
Justification: user security hole
http://article.gmane.org/gmane.network.jabber.admin/27372
from the post:
===============
This is a jabberd2s11 security release.
This release fixes a problem where sending a <response> stanza before
an <auth> stanza during a SASL negotiation can cause a c2s segfault.
No other changes were made to the source from the s10 release.
Downloads are available here:
http://jabberstudio.org/projects/jabberd2/releases/
md5sum:67d1663ed97a5ba707d5d145b1d19c55
Bug reports and feature requests should be submitted using the tools
on http://j2.openaether.org/. General support requests should go to
jadmin <at> jabber.org. Anything else should be sent to
jabberd <at> jabberstudio.org.
Thanks to:
Jeremy Lunn
Stepehn Marquard
[/snip]
======
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (1000, 'unstable'), (998, 'experimental')
Architecture: powerpc (ppc)
Shell: /bin/sh linked to /bin/dash
Kernel: Linux 2.6.15.5-pylon.1
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Versions of packages jabberd2-ldap-bdb depends on:
ii jabber-common 0.4 Jabber server and transport (commo
ii libc6 2.3.6-3 GNU C Library: Shared libraries an
ii libdb4.2 4.2.52-24 Berkeley v4.2 Database Libraries [
ii libidn11 0.5.18-2 GNU libidn library, implementation
ii libldap-2.3 [libldap2] 2.3.7-0.3 OpenLDAP libraries
ii libldap-2.3-0 [libldap2] 2.3.20-1.1 OpenLDAP libraries
ii libldap2 2.2.20-0.1 OpenLDAP libraries
ii libldap2.3-0 [libldap2] 2.3.19-0.1 OpenLDAP libraries
ii libpam0g 0.79-3.1 Pluggable Authentication Modules l
ii libssl0.9.8 0.9.8a-8 SSL shared libraries
jabberd2-ldap-bdb recommends no packages.
-- no debconf information
--- End Message ---
--- Begin Message ---
Hi,
These bugs have been fixed already in experimental; and since there's no
jabberd2 in any other distribution, there's no point in leaving these
bugs open.
--- End Message ---
