Your message dated Mon, 27 Nov 2006 10:47:05 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#399187: fixed in links 0.99+1.00pre12-1.1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
package: links
severity: grave
tags: security
A vulnerability has been found in links:
Links web browser 1.00pre12 and Elinks 0.9.2 with smbclient installed
allows remote attackers to execute arbitrary code via shell
metacharacters in an smb:// URI, as demonstrated by using PUT and GET
statements.
See http://secunia.com/advisories/22905
Please mention the CVE id in the changelog.
pgpwuez2LUyFo.pgp
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: links
Source-Version: 0.99+1.00pre12-1.1
We believe that the bug you reported is fixed in the latest version of
links, which is due to be installed in the Debian FTP archive:
links-ssl_0.99+1.00pre12-1.1_all.deb
to pool/main/l/links/links-ssl_0.99+1.00pre12-1.1_all.deb
links_0.99+1.00pre12-1.1.diff.gz
to pool/main/l/links/links_0.99+1.00pre12-1.1.diff.gz
links_0.99+1.00pre12-1.1.dsc
to pool/main/l/links/links_0.99+1.00pre12-1.1.dsc
links_0.99+1.00pre12-1.1_i386.deb
to pool/main/l/links/links_0.99+1.00pre12-1.1_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Julien Cristau <[EMAIL PROTECTED]> (supplier of updated links package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 27 Nov 2006 02:03:42 +0100
Source: links
Binary: links-ssl links
Architecture: source i386 all
Version: 0.99+1.00pre12-1.1
Distribution: unstable
Urgency: high
Maintainer: Peter Gervai <[EMAIL PROTECTED]>
Changed-By: Julien Cristau <[EMAIL PROTECTED]>
Description:
links - Character mode WWW browser
links-ssl - Dummy package for transition to elinks
Closes: 399187
Changes:
links (0.99+1.00pre12-1.1) unstable; urgency=high
.
* Non-maintainer upload.
* High-urgency for security bug fix.
* Build without smb support to fix security issue (CVE-2006-5925),
closes: #399187.
Files:
74482d69fb9989046bc8be23a3daf4e2 620 web extra links_0.99+1.00pre12-1.1.dsc
32fa0a2fab0c54b14d0a519a7f8d90e2 8708 web extra
links_0.99+1.00pre12-1.1.diff.gz
9ad476ce7ec069e3667617d0516c6beb 5366 oldlibs extra
links-ssl_0.99+1.00pre12-1.1_all.deb
6e5712b82beaaaba19cc5ae28c082f80 377316 web extra
links_0.99+1.00pre12-1.1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iD8DBQFFarpmOU3FkQ7XBOoRAlt7AKCZfIGmAaUsD4nxVCo79d7dqWtOEACfUqmf
02hm9LVoVFGZsaXro3k/Rjk=
=eN0Q
-----END PGP SIGNATURE-----
--- End Message ---
