Your message dated Sun, 05 Nov 2006 15:35:55 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#396204: fixed in xsupplicant 1.2.4.dfsg.1-3
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: xsupplicant
Version: 1.2.4.dfsg.1-2
Severity: critical
Tags: security
Justification: root security hole
Hi,
The upstream website mentions a new version which fixes a remote root exploit
possibility:
http://open1x.sourceforge.net/
Regards,
Robbert
-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17-2-686
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages xsupplicant depends on:
ii libc6 2.3.6.ds1-4 GNU C Library: Shared libraries
ii libiw28 28-1 Wireless tools - library
ii libssl0.9.8 0.9.8c-3 SSL shared libraries
xsupplicant recommends no packages.
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: xsupplicant
Source-Version: 1.2.4.dfsg.1-3
We believe that the bug you reported is fixed in the latest version of
xsupplicant, which is due to be installed in the Debian FTP archive:
xsupplicant_1.2.4.dfsg.1-3.diff.gz
to pool/main/x/xsupplicant/xsupplicant_1.2.4.dfsg.1-3.diff.gz
xsupplicant_1.2.4.dfsg.1-3.dsc
to pool/main/x/xsupplicant/xsupplicant_1.2.4.dfsg.1-3.dsc
xsupplicant_1.2.4.dfsg.1-3_i386.deb
to pool/main/x/xsupplicant/xsupplicant_1.2.4.dfsg.1-3_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Eric Evans <[EMAIL PROTECTED]> (supplier of updated xsupplicant package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sat, 04 Nov 2006 22:35:06 -0600
Source: xsupplicant
Binary: xsupplicant
Architecture: source i386
Version: 1.2.4.dfsg.1-3
Distribution: unstable
Urgency: high
Maintainer: Eric Evans <[EMAIL PROTECTED]>
Changed-By: Eric Evans <[EMAIL PROTECTED]>
Description:
xsupplicant - 802.1x and 802.11i supplicant (client)
Closes: 396204
Changes:
xsupplicant (1.2.4.dfsg.1-3) unstable; urgency=high
.
* Fixed CVE-2006-5601 and CVE-2006-5602, (stack-based buffer overflow
vulnerability and memory leak). Closes: #396204.
Files:
d6f1413ca6140cce94fe08e375e62ad0 827 net optional
xsupplicant_1.2.4.dfsg.1-3.dsc
0ffb7332eecde6f3d66d1c9ef5e106a0 76621 net optional
xsupplicant_1.2.4.dfsg.1-3.diff.gz
36c92b116da2c8352b80e3becaa47f00 469776 net optional
xsupplicant_1.2.4.dfsg.1-3_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iD8DBQFFTm7R+DWPovKDPJMRApbhAKCyHgE9MoAy4/omFDHQsTFmCkRrUgCfXAb0
Q7fx1plDsE5khpVFFmHpBqg=
=hqgY
-----END PGP SIGNATURE-----
--- End Message ---
